CVE-2021-31810 – ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host
https://notcve.org/view.php?id=CVE-2021-31810
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
• https://hackerone.com/reports/1145454
• https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html
• https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL
• https://security.gentoo.org/glsa/202401-27
• https://security.netapp.com/advisory/ntap-20210917-0001
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.ruby-lang.org/en/news/2021/07/07/
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-28965 – ruby: XML round-trip vulnerability in REXML
https://notcve.org/view.php?id=CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using REXML and writing parsed data back to a new XML document results in creating a document with a different structure.
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVFTLFVCSUE5CXHINJEUCKSHU4SWDMT
• https://security.netapp.com/advisory/ntap-20210528-0003
• https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965
• https://access.redhat.com/security/cve/CVE-2021-28965
• https://bugzilla.redhat.com/show_bug.cgi?id=1947526
• CWE-611: Improper Restriction of XML External Entity Reference