Guarddog (>= 1.0.0, <= 2.9.0)

GuardDog versions 1.0.0 through 2.9.0 are vulnerable to Server-Side Request Forgery (SSRF) and potential `GH_TOKEN` exfiltration due to a blind URL rewrite in remote project scanning; an attacker can influence the scanned repository URL to trigger SSRF and capture the `GH_TOKEN` used by GuardDog.