4 Commits

Author SHA1 Message Date
Jeremy Daer
e983e3f79f Block IPv6 SSRF bypass via ipv4_compat addresses (#153)
Adds ipv4_mapped? and ipv4_compat? checks to PrivateNetworkGuard.private_ip?
to block SSRF bypass attempts using IPv6 address formats like:
- ::ffff:169.254.169.254 (IPv4-mapped)
- ::169.254.169.254 (IPv4-compatible)

These formats could previously bypass the link_local? check since Ruby
treats them as IPv6 addresses, not IPv4.

Ref: HackerOne #3481701
2025-12-31 13:01:43 -08:00
Stanko K.R.
0672673916 Disallow SSRF via IPv6 addresses mapped to IPv4 addresses 2025-12-03 08:08:34 +01:00
Jeremy Daer
5667262d1c Security: disallow blind SSRF to link-local IPs via URL unfurling 2025-12-02 21:33:44 -08:00
Kevin McConnell
df76a227dc Hello world
First open source release of Campfire 🎉
2025-08-21 09:31:59 +01:00
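
The check described in commit e983e3f79f, sketched as an added example (not Campfire's own code): an address guard that also inspects the IPv4 address embedded in IPv4-mapped and IPv4-compatible IPv6 forms. The method names, the deny-list ranges and the family-only "before" check are assumptions made for illustration; the low 32 bits are extracted with plain integer arithmetic so the result does not depend on the installed ipaddr version.

```ruby
require "ipaddr"

# Constructed deny-lists for illustration; not the project's actual ranges.
BLOCKED_V4 = %w[0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16
                172.16.0.0/12 192.168.0.0/16].map { |cidr| IPAddr.new(cidr) }
BLOCKED_V6 = %w[::/128 ::1/128 fc00::/7 fe80::/10].map { |cidr| IPAddr.new(cidr) }

# Family-only check (constructed "before" case): an IPv6-wrapped IPv4 address
# is not ipv4?, so it is never compared against the IPv4 ranges.
def naive_private?(address)
  ip = IPAddr.new(address)
  ip.ipv4? && BLOCKED_V4.any? { |net| net.include?(ip) }
end

# Returns the IPv4 address carried in the low 32 bits of an IPv4-mapped
# (::ffff:a.b.c.d) or IPv4-compatible (::a.b.c.d) IPv6 address, else nil.
def embedded_ipv4(ip)
  return nil unless ip.ipv6?
  high = ip.to_i >> 32
  return nil unless high == 0xffff || high.zero?
  IPAddr.new(ip.to_i & 0xffff_ffff, Socket::AF_INET)
end

# Hypothetical guard: checks the address itself and any embedded IPv4 form.
def private_target?(address)
  ip = IPAddr.new(address)
  v4 = ip.ipv4? ? ip : embedded_ipv4(ip)
  return true if v4 && BLOCKED_V4.any? { |net| net.include?(v4) }
  ip.ipv6? && BLOCKED_V6.any? { |net| net.include?(ip) }
rescue IPAddr::Error
  true # fail closed on anything that does not parse
end
```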