Vulnerability Instance

Server-side request forgery in CarrierWave
### Impact
[CarrierWave download feature](https://github.com/carrierwaveuploader/carrierwave#uploading-files-from-a-remote-location
has an SSRF vulnerability, allowing attacks to provide DNS entries or IP addresses that are intended for internal use
and gather information about the Intranet infrastructure of the platform.

### Patches
Upgrade to [2.1.1](https://rubygems.org/gems/carrierwave/versions/2.1.1) or
[1.3.2](https://rubygems.org/gems/carrierwave/versions/1.3.2).

### Workarounds
Using proper network segmentation and applying the principle of least privilege to outbound connections from application
servers can reduce the severity of SSRF vulnerabilities. Ideally the vulnerable gem should run on an isolated server
without access to any internal network resources or cloud metadata access.