SSRF in repository migrate via git clone #5372
Comments
I think you can just escape some special chars like |

Was this issue ever addressed? Please note that CVE-2018-16409 was assigned.

Is this security issue fixed yet?

@ElleshaHackett No.

I see. It's more than three years. Anything I can help with?

@ElleshaHackett I think what we need is basically to implement a mitigation similar to what GitLab did, which from my understanding is to disable requests to local IPv4/IPv6 addresses by default.
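The mitigation suggested in the comment above, written out as an added example (not Gogs code and not the fix the project shipped): before cloning, parse the user-supplied migration URL, allow only remote schemes, resolve the host, and refuse it if any resulting address is loopback, private, link-local, unspecified or multicast. The names `validateMigrateURL`, `lookupFunc` and the hostnames in comments are assumptions; the lookup function is injected so the check runs offline, and in production `net.LookupIP` would be passed in.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
)

type lookupFunc func(host string) ([]net.IP, error)

// isForbiddenIP reports whether an address lies in a range a migration must never
// reach: loopback, private (RFC 1918 / ULA), link-local (which includes the
// 169.254.169.254 cloud-metadata address), unspecified and multicast.
// IPv4-mapped IPv6 addresses are covered because net.IP's predicates unwrap them via To4.
func isForbiddenIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified() || ip.IsMulticast()
}

// validateMigrateURL rejects a user-supplied clone URL unless it uses a remote scheme
// and every address its host resolves to is public (a name may map to both kinds).
func validateMigrateURL(raw string, lookup lookupFunc) error {
	u, err := url.Parse(raw) // url.Parse lowercases the scheme for us
	if err != nil {
		return fmt.Errorf("invalid URL: %w", err)
	}
	switch u.Scheme {
	case "http", "https", "git": // file:// and other local schemes fail here
	default:
		return fmt.Errorf("scheme %q not allowed for migration", u.Scheme)
	}
	host := u.Hostname() // strips the [ ] around an IPv6 literal
	if host == "" {
		return fmt.Errorf("URL %q has no host", raw)
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // literal address: no DNS lookup needed
	} else if ips, err = lookup(host); err != nil {
		return fmt.Errorf("cannot resolve %q: %w", host, err)
	}
	if len(ips) == 0 {
		return fmt.Errorf("host %q resolved to no addresses", host)
	}
	for _, ip := range ips {
		if isForbiddenIP(ip) {
			return fmt.Errorf("host %q resolves to non-public address %s", host, ip)
		}
	}
	return nil
}
```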
Hey, according to https://owasp.org/www-community/attacks/Server_Side_Request_Forgery, being able to make requests to the external network is not considered SSRF. Thus closing. Please comment if you have any other questions!
Description
An attacker may use migrate to send arbitrary HTTP GET requests. Impact just like #5366.
Patch
Only allow migration from trusted sources.
https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
salt of Tencent's Xuanwu Lab