{"id":"CVE-2021-4138","details":"Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.","modified":"2026-03-14T11:14:30.516391Z","published":"2022-05-02T23:15:08.057Z","references":[{"type":"ADVISORY","url":"https://github.com/mozilla/geckodriver/releases/tag/v0.30.0"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1652612"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mozilla/geckodriver","events":[{"introduced":"0"},{"fixed":"d06ed1be13ef77e4f75ef06beb6ab829e2eef191"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.30.0"}]}}],"versions":["0.3.0","v0.1.0","v0.10.0","v0.11.0","v0.11.1","v0.12.0","v0.13.0","v0.14.0","v0.15.0","v0.16.0","v0.16.1","v0.17.0","v0.18.0","v0.19.0","v0.19.1","v0.2.0","v0.20.0","v0.20.1","v0.21.0","v0.22.0","v0.23.0","v0.24.0","v0.25.0","v0.27.0","v0.28.0","v0.29.0","v0.29.1","v0.4.0","v0.4.1","v0.4.2","v0.5.0","v0.6.0","v0.6.2","v0.7.1","v0.8.0","v0.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4138.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}