Private Address Check Project ≫ Private Address Check

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

4.3

CVE-2018-3759

EPSS 0.18%
Veröffentlicht 13.06.2018 15:29:00
Zuletzt bearbeitet 21.11.2024 04:06:01

private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a...

9.8

CVE-2017-0909

EPSS 0.34%
Veröffentlicht 16.11.2017 22:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25

The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery.

8.1

CVE-2017-0904

EPSS 0.86%
Veröffentlicht 13.11.2017 17:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25

The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addre...

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Private Address Check Project ≫ Private Address Check

CVE-2018-3759

CVE-2017-0909

CVE-2017-0904