Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.
References
Link | Resource |
---|---|
https://github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b | Patch Third Party Advisory |
https://github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10 | Patch Third Party Advisory |
https://github.com/amro/gibbon/pull/321 | Issue Tracking Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-04-25 13:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-27311
Mitre link : CVE-2022-27311
CVE.ORG link : CVE-2022-27311
JSON object : View
Products Affected
gibbon_project
- gibbon
CWE
CWE-918
Server-Side Request Forgery (SSRF)