ADVISORIES
GEM
SEVERITY
CVSS v3.x: 9.8 (Critical)
PATCHED VERSIONS
- >= 3.4.4
DESCRIPTION
Gibbon v3.4.3 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. This issue has been resolved in version 3.4.4
| Get Updates: | Via Atom | On Twitter | On GitHub |
RubySec
Providing security resources for the Ruby community