Serilog-contrib - Serilog-enrichers-clientinfo CVE

Filtered by vendor Serilog-contrib Subscribe

Filtered by product Serilog-enrichers-clientinfo

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-44930	1 Serilog-contrib	1 Serilog-enrichers-clientinfo	2024-09-04	N/A	6.5 MEDIUM
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.

Vulnerabilities (CVE)