Page 3 of 17 results (0.010 seconds)

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Se presenta una vulnerabilidad de redirección abierta en Action Pack versiones posteriores a 6.0.0 incluyéndola, que podría permitir a un atacante diseñar un encabezado "X-Forwarded-Host" en combinación con determinados formatos de "allowed host" puede causar que el middleware Host Authorization en Action Pack redirija a usuarios a un sitio web malicioso • https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815 https://security.netapp.com/advisory/ntap-20240208-0003 https://www.debian.org/security/2023/dsa-5372 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website. Se presenta una posible vulnerabilidad de redireccionamiento abierto en el middleware Host Authorization de Action Pack versiones posteriores a 6.0.0 incluyéndola, que podría permitir a atacantes redirigir a usuarios a un sitio web malicioso • http://www.openwall.com/lists/oss-security/2021/12/14/5 https://security.netapp.com/advisory/ntap-20240202-0005 https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released https://www.debian.org/security/2023/dsa-5372 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping. This causes, for example, `config.hosts << "sub.example.com"` to permit a request with a Host header value of `sub-example.com`. • https://discuss.rubyonrails.org/t/cve-2021-22903-possible-open-redirect-vulnerability-in-action-pack/77867 https://hackerone.com/reports/1148025 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication. El actionpack ruby gem versiones anteriores a 6.1.3.2, 6.0.3.7, 5.2.4.6 y 5.2.6, sufre una posible vulnerabilidad de denegación de servicio en la lógica de autenticación de tokens en Action Controller debido a una expresión regular demasiado permisiva. El código afectado usa las funciones "authenticate_or_request_with_http_token" o "authenticate_with_http_token" para la autenticación de peticiones A flaw was found in RubyGem Actionpack which is framework for handling and responding to web requests in Rails. A possible DoS vulnerability was found in the Token Authentication logic in Action Controller. • https://discuss.rubyonrails.org/t/cve-2021-22904-possible-dos-vulnerability-in-action-controller-token-authentication/77869 https://hackerone.com/reports/1101125 https://security.netapp.com/advisory/ntap-20210805-0009 https://access.redhat.com/security/cve/CVE-2021-22904 https://bugzilla.redhat.com/show_bug.cgi?id=1961379 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1

A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input. Una posible vulnerabilidad de divulgación de información y ejecución de método no intecional en Action Pack versiones posteriores a 2.0.0 e incluyéndola, cuando se usa la ayuda "redirect_to" o "polymorphic_url" con la entrada de un usuario no confiable A flaw was found in rubygem-actionpack. Information disclosure or unintended method execution is possible when using the `redirect_to` or `polymorphic_url` helper with untrusted user input. The highest threat from this vulnerability is to data confidentiality. • https://hackerone.com/reports/1106652 https://security.netapp.com/advisory/ntap-20210805-0009 https://www.debian.org/security/2021/dsa-4929 https://access.redhat.com/security/cve/CVE-2021-22885 https://bugzilla.redhat.com/show_bug.cgi?id=1957441 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •