DNS Rebinding Affecting go.etcd.io/etcd/v3/pkg/httputil Open this link in a new tab package, versions <3.4.0
Do your applications use this vulnerable package?
26 Apr 2018
25 Feb 2018
How to fix?
go.etcd.io/etcd/v3/pkg/httputil to version 3.4.0 or higher.
Affected versions of this package are vulnerable to DNS Rebinding. An attacker can control their DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).