| 0 |
| url |
VCID-1bxj-7h5q-jbdz |
| vulnerability_id |
VCID-1bxj-7h5q-jbdz |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.3.2 |
| purl |
pkg:gem/actionpack@6.1.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 5 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 6 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 7 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 8 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 9 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 10 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 11 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 12 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 13 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 14 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.3.2 |
|
|
| aliases |
CVE-2021-22904, GHSA-7wjx-3g7j-8584
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1bxj-7h5q-jbdz |
|
| 1 |
| url |
VCID-1f8y-2bmg-qufg |
| vulnerability_id |
VCID-1f8y-2bmg-qufg |
| summary |
Exposure of information in Action Pack
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests. This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.4.6 |
| purl |
pkg:gem/actionpack@6.1.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 1 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 2 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 3 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 4 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 5 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 6 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 7 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 8 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 9 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 10 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 11 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.6 |
|
| 1 |
|
| 2 |
| url |
pkg:gem/actionpack@7.0.2.2 |
| purl |
pkg:gem/actionpack@7.0.2.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 1 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 2 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 3 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 4 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 5 |
| vulnerability |
VCID-kt8w-wxpx-vyf9 |
|
| 6 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 7 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 8 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 9 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 10 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 11 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 12 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.2.2 |
|
|
| aliases |
CVE-2022-23633, GHSA-wh98-p28r-vrc9
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1f8y-2bmg-qufg |
|
| 2 |
|
| 3 |
| url |
VCID-4jjq-jkgc-mkca |
| vulnerability_id |
VCID-4jjq-jkgc-mkca |
| summary |
Rails has possible XSS Vulnerability in Action Controller
# Possible XSS Vulnerability in Action Controller
There is a possible XSS vulnerability when using the translation helpers
(`translate`, `t`, etc) in Action Controller. This vulnerability has been
assigned the CVE identifier CVE-2024-26143.
Versions Affected: >= 7.0.0.
Not affected: < 7.0.0
Fixed Versions: 7.1.3.1, 7.0.8.1
Impact
------
Applications using translation methods like `translate`, or `t` on a
controller, with a key ending in "_html", a `:default` key which contains
untrusted user input, and the resulting string is used in a view, may be
susceptible to an XSS vulnerability.
For example, impacted code will look something like this:
```ruby
class ArticlesController < ApplicationController
def show
@message = t("message_html", default: untrusted_input)
# The `show` template displays the contents of `@message`
end
end
```
To reiterate the pre-conditions, applications must:
* Use a translation function from a controller (i.e. _not_ I18n.t, or `t` from
a view)
* Use a key that ends in `_html`
* Use a default value where the default value is untrusted and unescaped input
* Send the text to the victim (whether that's part of a template, or a
`render` call)
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Releases
--------
The fixed releases are available at the normal locations.
Workarounds
-----------
There are no feasible workarounds for this issue.
Patches
-------
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
* 7-0-translate-xss.patch - Patch for 7.0 series
* 7-1-translate-xss.patch - Patch for 7.1 series
Credits
-------
Thanks to [ooooooo_q](https://hackerone.com/ooooooo_q) for the patch and fix! |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-26143, GHSA-9822-6m93-xqf4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4jjq-jkgc-mkca |
|
| 4 |
| url |
VCID-8c6b-8z6x-2uen |
| vulnerability_id |
VCID-8c6b-8z6x-2uen |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.2.1 |
| purl |
pkg:gem/actionpack@6.1.2.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bxj-7h5q-jbdz |
|
| 1 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 2 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 3 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 4 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 5 |
| vulnerability |
VCID-be3d-1x2j-qffu |
|
| 6 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 7 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 8 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 9 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 10 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 11 |
| vulnerability |
VCID-sd3k-af7j-h7h4 |
|
| 12 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 13 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 14 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 15 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 16 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 17 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.2.1 |
|
|
| aliases |
CVE-2021-22881, GHSA-8877-prq4-9xfw
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8c6b-8z6x-2uen |
|
| 5 |
|
| 6 |
| url |
VCID-be3d-1x2j-qffu |
| vulnerability_id |
VCID-be3d-1x2j-qffu |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.3.1 |
| purl |
pkg:gem/actionpack@6.1.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bxj-7h5q-jbdz |
|
| 1 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 2 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 3 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 4 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 5 |
| vulnerability |
VCID-be3d-1x2j-qffu |
|
| 6 |
| vulnerability |
VCID-e4f9-zs85-4bgh |
|
| 7 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 8 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 9 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 10 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 11 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 12 |
| vulnerability |
VCID-sd3k-af7j-h7h4 |
|
| 13 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 14 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 15 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 16 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 17 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 18 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.3.1 |
|
| 1 |
| url |
pkg:gem/actionpack@6.1.3.2 |
| purl |
pkg:gem/actionpack@6.1.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 5 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 6 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 7 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 8 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 9 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 10 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 11 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 12 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 13 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 14 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.3.2 |
|
|
| aliases |
CVE-2021-22885, GHSA-hjg4-8q5f-x6fm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-be3d-1x2j-qffu |
|
| 7 |
| url |
VCID-e4f9-zs85-4bgh |
| vulnerability_id |
VCID-e4f9-zs85-4bgh |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.1 |
| purl |
pkg:gem/actionpack@6.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bxj-7h5q-jbdz |
|
| 1 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 2 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 3 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 4 |
| vulnerability |
VCID-8c6b-8z6x-2uen |
|
| 5 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 6 |
| vulnerability |
VCID-be3d-1x2j-qffu |
|
| 7 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 8 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 9 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 10 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 11 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 12 |
| vulnerability |
VCID-sd3k-af7j-h7h4 |
|
| 13 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 14 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 15 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 16 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 17 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 18 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.1 |
|
| 1 |
| url |
pkg:gem/actionpack@6.1.3.2 |
| purl |
pkg:gem/actionpack@6.1.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 5 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 6 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 7 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 8 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 9 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 10 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 11 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 12 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 13 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 14 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.3.2 |
|
|
| aliases |
CVE-2021-22902, GHSA-g8ww-46x2-2p65
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e4f9-zs85-4bgh |
|
| 8 |
| url |
VCID-eecu-e2ds-jbdc |
| vulnerability_id |
VCID-eecu-e2ds-jbdc |
| summary |
URL Redirection to Untrusted Site ('Open Redirect')
A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.4.2 |
| purl |
pkg:gem/actionpack@6.1.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 5 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 6 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 7 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 8 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 9 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 10 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 11 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 12 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.2 |
|
| 1 |
|
|
| aliases |
CVE-2021-44528, GHSA-qphc-hf5q-v8fc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eecu-e2ds-jbdc |
|
| 9 |
| url |
VCID-f22x-hsz9-kfau |
| vulnerability_id |
VCID-f22x-hsz9-kfau |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2319036 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2319036 |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/rails/rails |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/rails/rails |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
https://access.redhat.com/security/cve/cve-2024-41128 |
| reference_id |
CVE-2024-41128 |
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/ |
|
|
| url |
https://access.redhat.com/security/cve/cve-2024-41128 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
| reference_url |
https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj |
| reference_id |
GHSA-x76w-6vjr-8xgj |
| reference_type |
|
| scores |
| 0 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
|
| 2 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/ |
|
|
| url |
https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-41128, GHSA-x76w-6vjr-8xgj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f22x-hsz9-kfau |
|
| 10 |
|
| 11 |
| url |
VCID-n2ap-zgrd-skhf |
| vulnerability_id |
VCID-n2ap-zgrd-skhf |
| summary |
ReDoS based DoS vulnerability in Action Dispatch
There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. A specially crafted HTTP `If-None-Match` header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-22795, GHSA-8xww-x3g3-6jcv, GMS-2023-56
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n2ap-zgrd-skhf |
|
| 12 |
| url |
VCID-nvse-2qzf-n7ba |
| vulnerability_id |
VCID-nvse-2qzf-n7ba |
| summary |
open redirect |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.4.1 |
| purl |
pkg:gem/actionpack@6.1.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 5 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 6 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 7 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 8 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 9 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 10 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 11 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 12 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 13 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.1 |
|
|
| aliases |
CVE-2021-22942, GHSA-2rqw-v265-jf8c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nvse-2qzf-n7ba |
|
| 13 |
| url |
VCID-sd3k-af7j-h7h4 |
| vulnerability_id |
VCID-sd3k-af7j-h7h4 |
| summary |
open redirect |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:gem/actionpack@6.1.3.2 |
| purl |
pkg:gem/actionpack@6.1.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1f8y-2bmg-qufg |
|
| 1 |
| vulnerability |
VCID-43zc-ndt3-xfc5 |
|
| 2 |
| vulnerability |
VCID-4jjq-jkgc-mkca |
|
| 3 |
| vulnerability |
VCID-9w4d-2z52-wyaf |
|
| 4 |
| vulnerability |
VCID-eecu-e2ds-jbdc |
|
| 5 |
| vulnerability |
VCID-f22x-hsz9-kfau |
|
| 6 |
| vulnerability |
VCID-fnkq-8eys-gygm |
|
| 7 |
| vulnerability |
VCID-n2ap-zgrd-skhf |
|
| 8 |
| vulnerability |
VCID-nvse-2qzf-n7ba |
|
| 9 |
| vulnerability |
VCID-semx-3823-f7f6 |
|
| 10 |
| vulnerability |
VCID-x6wm-6c84-2qdw |
|
| 11 |
| vulnerability |
VCID-xhqj-617q-f7fb |
|
| 12 |
| vulnerability |
VCID-yp5x-mgfj-xbbf |
|
| 13 |
| vulnerability |
VCID-ypmv-73g2-gfex |
|
| 14 |
| vulnerability |
VCID-yrjj-cken-6qff |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.3.2 |
|
|
| aliases |
CVE-2021-22903, GHSA-5hq2-xf89-9jxq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sd3k-af7j-h7h4 |
|
| 14 |
| url |
VCID-semx-3823-f7f6 |
| vulnerability_id |
VCID-semx-3823-f7f6 |
| summary |
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
The `redirect_to` method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been assigned the CVE identifier CVE-2023-28362.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4 |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-28362, GHSA-4g8v-vg43-wpgf
|
| risk_score |
2.1 |
| exploitability |
0.5 |
| weighted_severity |
4.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-semx-3823-f7f6 |
|
| 15 |
|
| 16 |
| url |
VCID-xhqj-617q-f7fb |
| vulnerability_id |
VCID-xhqj-617q-f7fb |
| summary |
Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch
# Possible ReDoS vulnerability in Accept header parsing in Action Dispatch
There is a possible ReDoS vulnerability in the Accept header parsing routines
of Action Dispatch. This vulnerability has been assigned the CVE identifier
CVE-2024-26142.
Versions Affected: >= 7.1.0, < 7.1.3.1
Not affected: < 7.1.0
Fixed Versions: 7.1.3.1
Impact
------
Carefully crafted Accept headers can cause Accept header parsing in Action
Dispatch to take an unexpected amount of time, possibly resulting in a DoS
vulnerability. All users running an affected release should either upgrade or
use one of the workarounds immediately.
Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby
3.2 or newer are unaffected.
Releases
--------
The fixed releases are available at the normal locations.
Workarounds
-----------
There are no feasible workarounds for this issue.
Patches
-------
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
* 7-1-accept-redox.patch - Patch for 7.1 series
Credits
-------
Thanks [svalkanov](https://hackerone.com/svalkanov) for the report and patch! |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-26142, GHSA-jjhx-jhvp-74wq
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xhqj-617q-f7fb |
|
| 17 |
| url |
VCID-yp5x-mgfj-xbbf |
| vulnerability_id |
VCID-yp5x-mgfj-xbbf |
| summary |
ReDoS based DoS vulnerability in Action Dispatch
There is a possible regular expression based DoS vulnerability in Action Dispatch. Specially crafted cookies, in combination with a specially crafted `X_FORWARDED_HOST` header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-22792, GHSA-p84v-45xj-wwqj, GMS-2023-58
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yp5x-mgfj-xbbf |
|
| 18 |
|
| 19 |
|