CVE-2017-0904

moderate-risk
Published 2017-11-13

The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery.

Do I need to act?

-
0.86% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10 High
NETWORK / HIGH complexity

Affected Products (1)

Private Address Check

Affected Vendors

Private Address Check Project

References (10)

Issue Tracking https://edoverflow.com/2017/ruby-resolv-bug/
Third Party Advisory https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160...
Issue Tracking https://github.com/jtdowney/private_address_check/issues/1
Issue Tracking https://hackerone.com/reports/287245
Permissions Required https://hackerone.com/reports/287835
Issue Tracking https://edoverflow.com/2017/ruby-resolv-bug/
Third Party Advisory https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160...
Issue Tracking https://github.com/jtdowney/private_address_check/issues/1
Issue Tracking https://hackerone.com/reports/287245
Permissions Required https://hackerone.com/reports/287835
32
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 3/34 · Minimal
Exposure 5/34 · Minimal