CVE-2021-29954

Description

Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210428201255.

Affected products

• Mozilla / Hubs Cloudunspecified – mozillareality/reticulum/1.0.1/20210428201255

References

• VENDOR_ADVISORYhttps://www.mozilla.org/security/advisories/mfsa2021-21/
• MISChttps://bugzilla.mozilla.org/show_bug.cgi?id=1707898