
CVE-2021-22963

Published: 14/10/2021 Updated: 20/10/2021
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote malicious users to redirect users to arbitrary websites via a double slash // followed by a domain: localhost:3000//google.com/%2e%2e. The issue affects all fastify-static applications that set the redirect: true option. By default, it is false.
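
An added example (not code from this advisory or from the fastify-static project) showing why a Location value of that shape takes the browser off-site and how to flag matching requests in access logs. The function names, log format and sample lines are constructed, and it assumes the server echoes the raw request path into its redirect.

```javascript
'use strict';
// Added example, not fastify-static code. Assumption: the server builds its
// directory redirect by echoing the raw request path plus "/" into Location.

const APP_ORIGIN = 'http://localhost:3000'; // origin from the page's example

// Resolve a Location value the way a browser does and report whether
// following it would leave the application's origin.
function redirectLeavesSite(location, appOrigin = APP_ORIGIN) {
  let target;
  try {
    target = new URL(location, appOrigin);
  } catch {
    return true; // unparseable target: treat as unsafe
  }
  return target.origin !== new URL(appOrigin).origin;
}

// A raw path starting with two or more slashes (or backslashes, which browsers
// treat as slashes for http/https) is read as scheme-relative when echoed.
function isSchemeRelativePath(rawPath) {
  return /^[\/\\]{2,}/.test(rawPath);
}

// Scan access-log lines (constructed, common-log style) for 3xx responses
// whose request path has that shape. Returns the flagged paths.
function flagRedirectProbes(lines) {
  const re = /"(?:GET|HEAD) (\S+) HTTP\/[\d.]+" (\d{3})/;
  const hits = [];
  for (const line of lines) {
    const m = re.exec(line);
    if (m && m[2].startsWith('3') && isSchemeRelativePath(m[1])) hits.push(m[1]);
  }
  return hits;
}

// Constructed sample log lines.
const SAMPLE_LOG = [
  '203.0.113.7 - - [14/Oct/2021:10:00:01 +0000] "GET /docs HTTP/1.1" 301 0',
  '203.0.113.9 - - [14/Oct/2021:10:00:05 +0000] "GET //google.com/%2e%2e HTTP/1.1" 301 0',
  '203.0.113.9 - - [14/Oct/2021:10:00:09 +0000] "GET //assets/app.js HTTP/1.1" 200 512',
];

console.log(flagRedirectProbes(SAMPLE_LOG));
console.log(redirectLeavesSite('//google.com/%2e%2e/'), redirectLeavesSite('/docs/'));
```

The same origin comparison can be applied to outgoing Location headers in a response hook or reverse proxy as a compensating check until the module is upgraded to 4.2.4 or later.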

Vulnerable Product

fastify fastify-static

Vendor Advisories

Synopsis: Important: Red Hat Advanced Cluster Management 242 security updates and bug fixes
Type/Severity: Security Advisory: Important
Topic: Red Hat Advanced Cluster Management for Kubernetes 242 General Availability release images. This update provides security fixes, fixes bugs, and updates the container images. Red Hat Product Security ha ...

A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: localhost:3000//google.com/%2e%2e. The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false ...