An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0cXItZ21yOS12MjN3
By crafting a specific URL, it is possible to escape the prefix of the proxied backend service.
If the base URL of the proxied server is /pub/, a user expects that accessing /priv on the target service would not be possible. Unfortunately, it is.
All releases after v4.3.1 include the fix.
There are no workarounds available.
For more information: if you have any questions or comments about this advisory, see https://github.com/advisories/GHSA-c4qr-gmr9-v23w
Source: GitHub Advisory Database
Published: over 2 years ago
Updated: 10 months ago
CVSS Score: 10.0
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Identifiers: GHSA-c4qr-gmr9-v23w, CVE-2021-21322
Fixed in: 4.3.1