CVE-2024-44930: Serilog Client IP Spoofing vulnerability
Serilog (before v2.1.0) contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.
It is not possible to configure Serilog.Enrichers.ClientInfo to not trust the X-Forwarded-For header.
References
- github.com/advisories/GHSA-5x5q-cqf6-gj8r
- github.com/serilog-contrib/serilog-enrichers-clientinfo
- github.com/serilog-contrib/serilog-enrichers-clientinfo/commit/a72051d1900131e6fb30bcfd9491a988167fb6ac
- github.com/serilog-contrib/serilog-enrichers-clientinfo/issues/29
- github.com/serilog-contrib/serilog-enrichers-clientinfo/pull/38
- github.com/serilog-contrib/serilog-enrichers-clientinfo/releases/tag/v2.1.0
- nvd.nist.gov/vuln/detail/CVE-2024-44930
Code Behaviors & Features
Detect and mitigate CVE-2024-44930 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →