CVE-2017-0909
N/A
N/A
Summary
The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | private_address_check ruby gem | Versions before 0.4.1 | affected |
Weaknesses
- CWE-184: Incomplete Blacklist (CWE-184)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.