Ruby: Resolv::getaddresses bug that can be abused to bypass security measures.
Description

Resolv::getaddresses is OS-dependent, so by experimenting with different IP formats one can make it return blank values. This bug can be abused to bypass exclusion lists often used to protect against SSRF.

| Machine 1 | Machine 2 |
|--------------|---------------|
| ruby 2.3.3p222...
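
The exclusion-list failure described above, next to a fail-closed variant, as an added example that is not code from the report or from Ruby itself. The method names, the `DENIED` list and the injectable `resolver:` parameter are assumptions made for illustration; in real use the resolver defaults to `Resolv.getaddresses`.

```ruby
require 'resolv'
require 'ipaddr'

# Constructed deny list for this example: loopback, link-local, private ranges.
DENIED = %w[127.0.0.0/8 169.254.0.0/16 10.0.0.0/8 172.16.0.0/12
            192.168.0.0/16 ::1/128 fc00::/7 fe80::/10].map { |c| IPAddr.new(c) }

# True when the address is on the deny list or cannot be parsed at all.
def denied_ip?(addr)
  ip = IPAddr.new(addr)
  ip = ip.native if ip.ipv4_mapped? # compare ::ffff:a.b.c.d as a.b.c.d
  DENIED.any? { |net| net.include?(ip) }
rescue IPAddr::Error
  true # unparsable address: refuse rather than guess
end

# Fail-open pattern: when the resolver returns a blank result there is
# nothing to match, `none?` is vacuously true, and the host is allowed.
def allowed_fail_open?(host, resolver: Resolv.method(:getaddresses))
  resolver.call(host).none? { |a| denied_ip?(a) }
end

# Fail-closed variant: a blank result is a refusal. The vetted addresses are
# returned so the caller connects to them instead of resolving a second time.
def vetted_addresses(host, resolver: Resolv.method(:getaddresses))
  addrs = resolver.call(host)
  return [] if addrs.empty? || addrs.any? { |a| denied_ip?(a) }
  addrs
end

if $PROGRAM_NAME == __FILE__
  # Constructed stub standing in for a platform where resolution comes back blank.
  blank = ->(_host) { [] }
  puts "fail-open allows:   #{allowed_fail_open?('constructed-host', resolver: blank)}"
  puts "fail-closed vetted: #{vetted_addresses('constructed-host', resolver: blank).inspect}"
end
```

Because the result is OS-dependent, the check should run on the same platform and Ruby build that makes the outbound request, and the request should go to one of the returned addresses rather than to the original string.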