Moderate severityNVD Advisory· Published Aug 29, 2024· Updated Mar 14, 2025
CVE-2024-44930
CVE-2024-44930
Description
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Serilog.Enrichers.ClientInfoNuGet | < 2.1.0 | 2.1.0 |
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-5x5q-cqf6-gj8rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-44930ghsaADVISORY
- github.com/serilog-contrib/serilog-enrichers-clientinfo/commit/a72051d1900131e6fb30bcfd9491a988167fb6acghsaWEB
- github.com/serilog-contrib/serilog-enrichers-clientinfo/issues/29ghsaWEB
- github.com/serilog-contrib/serilog-enrichers-clientinfo/pull/38ghsaWEB
- github.com/serilog-contrib/serilog-enrichers-clientinfo/releases/tag/v2.1.0ghsaWEB
News mentions
0No linked articles in our index yet.