漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
serilog-enrichers-clientinfo 安全漏洞
Vulnerability Description
serilog-enrichers-clientinfo是Serilog Contrib社区的一个工具。 serilog-enrichers-clientinfo v2.1.0之前版本存在安全漏洞,该漏洞源于存在客户端IP欺骗问题,允许攻击者在执行HTT 请求时通过将任意IP指定为X-Forwarded-For或Client-Ip标头的值来伪造其IP地址。
CVSS Information
N/A
Vulnerability Type
N/A