Critical severity9.8NVD Advisory· Published Apr 25, 2022· Updated Jun 17, 2026
CVE-2022-27311
CVE-2022-27311
Description
Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
gibbonRubyGems | < 3.4.4 | 3.4.4 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/amro/gibbon/commit/b2eb99ed304d7491a6d348a5bbdc83a008fc6e0bnvdPatchThird Party AdvisoryWEB
- github.com/amro/gibbon/commit/cade20ca2438cd1b182dad70cbb77fb895779d10nvdPatchThird Party AdvisoryWEB
- github.com/amro/gibbon/pull/321nvdIssue TrackingPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-vx9g-377x-xwxqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-27311ghsaADVISORY
- github.com/amro/gibbon/pull/321ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/gibbon/CVE-2022-27311.ymlghsaWEB
News mentions
0No linked articles in our index yet.