Gibbon v3.4.3 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. This issue has been resolved in version 3.4.4
github.com/amro/gibbon
github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b
github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10
github.com/amro/gibbon/pull/321
github.com/amro/gibbon/pull/321#issuecomment-1113147155
github.com/rubysec/ruby-advisory-db/blob/master/gems/gibbon/CVE-2022-27311.yml
nvd.nist.gov/vuln/detail/CVE-2022-27311