13 matches found
private_address_check contains race condition
The private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution i...
CVE-2018-3759
The CVE concerns the Ruby gem private_address_check (pre-0.5.0). It describes a TOCTOU race condition caused by not checking the socket’s destination address, where a DNS entry with TTL 0 can yield a public address initially and a private address subsequently. Multiple connected sources (GitHub a...
GHSA-3V3C-R5V2-68PH private_address_check contains Incomplete List of Disallowed Inputs
The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
private_address_check contains Incomplete List of Disallowed Inputs
The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
GHSA-HXHJ-HP9M-QWC4 private_address_check vulnerable to bypass of Resolv.getaddresses method
The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
CVE-2017-0909
The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery...
CVE-2017-0909
The CVE-2017-0909 issue affects the private_address_check Ruby gem (versions before 0.4.1). It enables a bypass of its server-side request forgery (SSRF) protections through an incomplete blacklist of private/local addresses, notably missing 0.0.0.0. Affected behavior: attackers can bypass the blackli...
Server side request forgery (SSRF)
The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
CVE-2017-0904
The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
CVE-2017-0904
The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery...
CVE-2017-0904
The private_address_check Ruby gem (versions before 0.4.0) is affected by a bypass of its own privacy filter due to using Ruby’s Resolv.getaddresses, which is OS-dependent and cannot be trusted for security checks. This can undermine server-side request forgery protections that rely on blacklisti...
HackerOne: Additional bypass allows SSRF for internal netblocks
It turns out there is another bypass in the private_address_check gem. The gem does not include 0.0.0.0 in the exclusion list in the first place. irb(main):001:0> require 'private_address_check' => true irb(main):002:0> PrivateAddressCheck.private_address?("0.0.0.0") => false I was able to bypass your filter by...
Ruby: Resolv::getaddresses bug that can be abused to bypass security measures.
Description Resolv::getaddresses is OS-dependent, therefore by playing around with different IP formats one can return blank values. This bug can be abused to bypass exclusion lists often used to protect against SSRF. | 💻 Machine 1 | 💻 Machine 2 | |--------------|---------------| | ruby 2.3.3p222...