github.com/coreos/etcd/pkg/httputil is a distributed reliable key-value store for the most critical data of a distributed system.
Affected versions of this package are vulnerable to DNS Rebinding. An attacker can control their DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
github.com/coreos/etcd/pkg/httputil to version 3.4 or higher.
Do your applications use this vulnerable package?