CVE-2021-4138

Summary

Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.

Affected Software

VendorProductVersion RangeStatus
Mozillageckodriverunspecified < 0.30.0affected

Weaknesses

  • Fixed a DNS rebinding issues by enforcing a stricter Host header check.

ADP Enrichment

CVE Program Container

Additional References

References