CVE-2020-36474: SafeCurl before 0.9.2 has a DNS rebinding vulnerability.

August 25, 2021

SafeCurl before 0.9.2 has a DNS rebinding vulnerability.

References

github.com/advisories/GHSA-x2xg-6wcj-6xf9
github.com/vanilla/safecurl/pull/2
github.com/vanilla/safecurl/releases/tag/v0.9.2
nvd.nist.gov/vuln/detail/CVE-2020-36474

Detect and mitigate CVE-2020-36474 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →