Vulnerability Description
The private_address_check Ruby gem before 0.4.0 can be bypassed because it resolves hostnames with Ruby's Resolv.getaddresses before checking the result against its blacklist of private network addresses. Resolv.getaddresses is Ruby's own resolver rather than the system one, and its answers are OS-dependent: a name can resolve differently there than it does when the socket layer actually connects, so the method should not be relied upon for security decisions such as blocking private addresses to prevent server-side request forgery (SSRF).
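The pattern behind the bypass, and the shape of a check that does not depend on Resolv.getaddresses, as an added example in Ruby. This is illustrative code written for this page, not the gem's own implementation or its 0.4.0 fix: `naive_private?` shows the "does the name resolve to any private address?" check that an empty or partial resolver answer lets through, and `vetted_target` resolves with the libc resolver (`Socket.getaddrinfo`, the lookup `TCPSocket` and `Net::HTTP` themselves use), fails closed on an empty answer, rejects the name if any returned address is blocked, and hands back a single IP literal for the caller to connect to. The `resolver:` keyword, the `BLOCKED_RANGES` list and the sample answers in the demo are constructed for the example so it runs offline.

```ruby
require "ipaddr"
require "socket"

# Ranges a server-side fetch must never reach. Constructed for this example:
# RFC 1918, loopback, link-local, CGNAT, multicast and IPv6 equivalents.
# It is a starting point, not an exhaustive list.
BLOCKED_RANGES = %w[
  0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16
  172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4
  ::/128 ::1/128 fc00::/7 fe80::/10
].map { |cidr| IPAddr.new(cidr) }.freeze

# True if +ip+ (String or IPAddr) falls in a blocked range. IPv4-mapped IPv6
# literals (::ffff:10.0.0.1) are unwrapped to the embedded IPv4 address so
# they cannot smuggle it past the IPv4 ranges. Unparsable input is blocked.
def blocked_address?(ip)
  addr = ip.is_a?(IPAddr) ? ip : IPAddr.new(ip)
  if addr.ipv6? && addr.ipv4_mapped?
    addr = IPAddr.new(addr.to_i & 0xffff_ffff, Socket::AF_INET)
  end
  BLOCKED_RANGES.any? { |range| range.include?(addr) }
rescue ArgumentError # IPAddr::InvalidAddressError is an ArgumentError
  true
end

# Resolve +host+ through getaddrinfo, the same system lookup the socket
# layer performs, instead of the pure-Ruby Resolv library the advisory
# describes as OS-dependent. Returns the numeric addresses only.
def resolve_all(host)
  Socket.getaddrinfo(host, nil).map { |ai| ai[3] }.uniq
end

# The check shape the advisory is about. If the resolver returns an empty
# or partial list, any? answers false and the request is allowed.
def naive_private?(host, resolver: method(:resolve_all))
  resolver.call(host).any? { |ip| blocked_address?(ip) }
end

# Returns one vetted IP literal to connect to, or nil if the request must be
# refused. Empty answers fail closed, one blocked address anywhere rejects
# the whole name, and the caller is expected to connect to the returned
# literal rather than resolve the hostname again.
def vetted_target(host, resolver: method(:resolve_all))
  literal = (IPAddr.new(host) rescue nil) # IP literal: no DNS involved
  return(blocked_address?(literal) ? nil : literal.to_s) if literal

  addresses = resolver.call(host)
  return nil if addresses.empty?
  return nil if addresses.any? { |ip| blocked_address?(ip) }
  addresses.first
end

if $PROGRAM_NAME == __FILE__
  # Constructed resolver answers standing in for real DNS.
  empty = ->(_host) { [] }
  mixed = ->(_host) { ["93.184.216.34", "127.0.0.1"] }
  puts "naive check, empty answer: private? #{naive_private?('example.com', resolver: empty)}"
  puts "vetted, empty answer: #{vetted_target('example.com', resolver: empty).inspect}"
  puts "vetted, mixed answer: #{vetted_target('example.com', resolver: mixed).inspect}"
end
```

The returned literal is what the HTTP client should connect to (on recent Rubies, for instance, Net::HTTP#ipaddr= with the original hostname kept for the Host header); re-resolving the name at connect time reopens the window between the check and the connection.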
CVSS Score
HIGH (base score 8.1)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Private Address Check Project | Private Address Check | < 0.4.0 |
Related Weaknesses (CWE)
References
- https://edoverflow.com/2017/ruby-resolv-bug/ (Issue Tracking, Third Party Advisory)
- https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160 (Third Party Advisory)
- https://github.com/jtdowney/private_address_check/issues/1 (Issue Tracking, Third Party Advisory)
- https://hackerone.com/reports/287245 (Issue Tracking, Mitigation, Patch)
- https://hackerone.com/reports/287835 (Permissions Required, Third Party Advisory)
FAQ
What is CVE-2017-0904?
CVE-2017-0904 is a vulnerability with a CVSS base score of 8.1 (HIGH). The private_address_check Ruby gem before 0.4.0 can be bypassed because it relies on Ruby's Resolv.getaddresses, whose results are OS-dependent and should not be relied upon for security measures such as blacklisting private network addresses to prevent server-side request forgery.
How severe is CVE-2017-0904?
CVE-2017-0904 is rated HIGH, with a CVSS base score of 8.1 out of 10.
Is there a patch for CVE-2017-0904?
Yes. The affected product is Private Address Check (Private Address Check Project); versions before 0.4.0 are vulnerable and 0.4.0 is the first fixed release. The project commit and the HackerOne reports with patch and mitigation details are listed in the references section above.