22 results (0.008 seconds)

CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-47889 – Action Mailer has possible ReDoS vulnerability in block_format

https://notcve.org/view.php?id=CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. • https://github.com/rails/rails/commit/0e5694f4d32544532d2301a9b4084eacb6986e94 https://github.com/rails/rails/commit/3612e3eb3fbafed4f85e1c6ea4c7b6addbb0fdd3 https://github.com/rails/rails/commit/985f1923fa62806ff676e41de67c3b4552131ab9 https://github.com/rails/rails/commit/be898cc996986decfe238341d96b2a6573b8fd2e https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-47887 – Action Controller has possible ReDoS vulnerability in HTTP Token authentication

https://notcve.org/view.php?id=CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authentication via `authenticate_or_request_with_http_token` or similar, a carefully crafted header may cause header parsing to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. One may choose to use Ruby 3.2 as a workaround.Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. • https://github.com/rails/rails/commit/56b2fc3302836405b496e196a8d5fc0195e55049 https://github.com/rails/rails/commit/7c1398854d51f9bb193fb79f226647351133d08a https://github.com/rails/rails/commit/8e057db25bff1dc7a98e9ae72e0083825b9ac545 https://github.com/rails/rails/commit/f4dc83d8926509d0958ec21fcdbc2e7df3d32ce2 https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-41128 – Action Dispatch has possible ReDoS vulnerability in query parameter filtering

https://notcve.org/view.php?id=CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to version 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. One may use Ruby 3.2 as a workaround. • https://access.redhat.com/security/cve/cve-2024-41128 https://bugzilla.redhat.com/show_bug.cgi?id=2319036 https://github.com/rails/rails/commit/27121e80f6dbb260f5a9f0452cd8411cb681f075 https://github.com/rails/rails/commit/b0fe99fa854ec8ff4498e75779b458392d1560ef https://github.com/rails/rails/commit/b1241f468d1b32235f438c2e2203386e6efd3891 https://github.com/rails/rails/commit/fb493bebae1a9b83e494fe7edbf01f6167d606fd https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2024-26144 – Possible Sensitive Session Information Leak in Active Storage

https://notcve.org/view.php?id=CVE-2024-26144

Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. • https://github.com/gmo-ierae/CVE-2024-26144-test https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433 https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3 https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml https://security.netapp.com/advisory/ntap-20240510 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-22792 – rubygem-actionpack: Denial of Service in Action Dispatch

https://notcve.org/view.php?id=CVE-2023-22792

A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. A flaw was found in the rubygem-actionpack. RubyGem's actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the Action Dispatch module. • https://discuss.rubyonrails.org/t/cve-2023-22792-possible-redos-based-dos-vulnerability-in-action-dispatch/82115 https://security.netapp.com/advisory/ntap-20240202-0007 https://www.debian.org/security/2023/dsa-5372 https://access.redhat.com/security/cve/CVE-2023-22792 https://bugzilla.redhat.com/show_bug.cgi?id=2164800 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •