CVE-2021-45851: Server-Side Request Forgery (SSRF)

March 17, 2022 (updated March 29, 2022)

A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server’s internal environment and services, often potentially leading to the attacker executing commands on the server.

References

github.com/advisories/GHSA-9vp3-7qwq-83r9
nvd.nist.gov/vuln/detail/CVE-2021-45851
www.youtube.com/watch?v=JE1Kcq3iJpc

Detect and mitigate CVE-2021-45851 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →