#391 MEDIUM: SSRF bypass via DNS rebinding (TOCTOU)
Description
Edithttp_request.py:107-124 - DNS resolved at validation time, but request may resolve to different IP (DNS rebinding). TOCTOU vulnerability. Fix: Resolve DNS yourself and connect to IP directly, or use requests adapter to enforce IP at connection time.
Comments
Loading comments...
Context
Loading context...
Audit History
View AllLoading audit history...