Product/Service Issue ID
private_address_check SSRF filter bypass due to use of Ruby's Resolv::getaddresses method, which is OS-dependent and should not be relied upon for security measures. CVE-2017-0904
private_address_check SSRF filter bypass due to missing addresses in the exclusion list. CVE-2017-0909
GitLab CE & EE SSRF filter bypass due to use of Ruby's Resolv::getaddresses method, which is OS-dependent. #33310