etcd/server/etcdserver/cluster_util.go at db4e95cb1f8d3a8eebfb89c880d5fbd8d6165292

mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00

Files

James Blair 3b37afec7b Don't follow redirects when checking peer urls.

It's possible that etcd server may run into SSRF situation when adding a new member. If users provide a malicious peer URL, the existing etcd members may be redirected to other unexpected internal URL when getting the new member's version.

Signed-off-by: James Blair <mail@jamesblair.net>

2023-11-21 10:25:20 +13:00

13 KiB

Raw Blame History

View Raw

13 KiB Raw Blame History

13 KiB

Raw Blame History