Lucene search
GoogleOSV:GHSA-VX9G-377X-XWXQHistoryApr 26, 2022 - 12:00 a.m.
Server side request forgery in gibbon
2022-04-2600:00:41
Google
osv.dev
6
gibbon
ssrf
version 3.4.3
EPSS
0.002
Percentile
59.3%
Gibbon v3.4.3 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. This issue has been resolved in version 3.4.4
References
github.com/amro/gibbon
github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b
github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10
github.com/amro/gibbon/pull/321
github.com/amro/gibbon/pull/321#issuecomment-1113147155
github.com/rubysec/ruby-advisory-db/blob/master/gems/gibbon/CVE-2022-27311.yml
nvd.nist.gov/vuln/detail/CVE-2022-27311
Related
prion
prion
Server side request forgery (ssrf)
2022-04-25 13:15:00
rubygems
rubygems
Server side request forgery in gibbon
2022-04-25 21:00:00
veracode
veracode
Server-Side Request Forgery (SSRF)
2022-04-26 03:35:46
osv
osv
CVE-2022-27311
2022-04-25 13:15:49
cve
cve
CVE-2022-27311
2022-04-25 13:15:49
cvelist
cvelist
CVE-2022-27311
2022-04-25 12:53:43
github
github
Server side request forgery in gibbon
2022-04-26 00:00:41
nvd
nvd
CVE-2022-27311
2022-04-25 13:15:49