CVE-2021-45851

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-45851

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45851.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-45851

Aliases

GHSA-9vp3-7qwq-83r9

Published

2022-03-16T10:15:08.060Z

Modified

2026-03-13T05:17:51.992682Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server.

References

https://www.youtube.com/watch?v=JE1Kcq3iJpc

Affected packages

Git / github.com/frangoteam/fuxa

Affected ranges

Type

GIT

Repo

https://github.com/frangoteam/fuxa

Events

Introduced

Last affected

13d108722b23601fa8d28f8dcbd7c960f360dc01

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.3"
        }
    ]
}

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.10

v1.0.11

v1.0.1_alfa

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.1.01

v1.1.2

v1.1.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45851.json"