2 matches found
CVE-2017-0909
The privateaddresscheck ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
CVE-2017-0909
The CVE-2017-0909 issue affects the private_address_check Ruby gem (versions before 0.4.1). It enables a bypass of its server-side request forgery (SSRF) protections by an incomplete blacklist of private/local addresses, notably missing 0.0.0.0. Affected behavior: attackers can bypass the blackli...