Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.
References
Link | Resource |
---|---|
https://github.com/amro/gibbon/pull/321 | Issue Tracking Patch Third Party Advisory |
https://github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0b | Patch Third Party Advisory |
https://github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10 | Patch Third Party Advisory |
Configurations
Information
Published : 2022-04-25 06:15
Updated : 2022-05-05 09:35
NVD link : CVE-2022-27311
Mitre link : CVE-2022-27311
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
gibbon_project
- gibbon