Количество 3
Количество 3
CVE-2021-22963
A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false.
CVE-2021-22963
A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false.
GHSA-p6vg-p826-qp3v
URL Redirection to Untrusted Site ('Open Redirect') in fastify-static
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-22963 A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-22963 A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false. | CVSS3: 6.1 | 0% Низкий | больше 4 лет назад |
| GHSA-p6vg-p826-qp3v URL Redirection to Untrusted Site ('Open Redirect') in fastify-static | CVSS3: 6.1 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу