GHSA-V2GC-RM6G-WRW9 Craft CMS: Cloud Metadata SSRF Protection Bypass via IPv6 Resolution
The SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the hostname string itself, causing the blocklist comparison to always fail and completely bypassing SSRF protection...
Craft CMS Security Vulnerability
Craft CMS is an open-source content management system developed by Craft CMS. Versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22 of Craft CMS contain security vulnerabilities. These vulnerabilities stem from a TOCTOU issue in the SSRF validation of GraphQL Assets, which could lead t...