CVE-2022-27311

Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gibbon_project:gibbon:*:*:*:*:*:ruby:*:*

History

21 Nov 2024, 06:55

Type Values Removed Values Added
References () https://github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b - Patch, Third Party Advisory () https://github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b - Patch, Third Party Advisory
References () https://github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10 - Patch, Third Party Advisory () https://github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10 - Patch, Third Party Advisory
References () https://github.com/amro/gibbon/pull/321 - Issue Tracking, Patch, Third Party Advisory () https://github.com/amro/gibbon/pull/321 - Issue Tracking, Patch, Third Party Advisory

Information

Published : 2022-04-25 13:15

Updated : 2024-11-21 06:55


NVD link : CVE-2022-27311

Mitre link : CVE-2022-27311

CVE.ORG link : CVE-2022-27311


JSON object : View

Products Affected

gibbon_project

  • gibbon
CWE
CWE-918

Server-Side Request Forgery (SSRF)