cpe:/a:private_address_check_project:private_address_check:0.1.0::~~~ruby~~ cpe:/a:private_address_check_project:private_address_check:0.2.0::~~~ruby~~ cpe:/a:private_address_check_project:private_address_check:0.3.0::~~~ruby~~ cpe:/a:private_address_check_project:private_address_check:0.4.0::~~~ruby~~ CVE-2017-0909 2017-11-16T17:29:00.267-05:00 2019-10-09T19:21:11.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CONFIRM https://github.com/jtdowney/private_address_check/pull/3 MISC https://hackerone.com/reports/288950 The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery.