9 results (0.006 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-28103 – Action Pack is missing security headers on non-HTML responses

https://notcve.org/view.php?id=CVE-2024-28103

Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3. Action Pack es un framework para manejar y responder a solicitudes web. Desde 6.1.0, la Política de permisos configurable de la aplicación solo se ofrece en respuestas con un tipo de contenido relacionado con HTML. • https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523 https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7 • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2024-26144 – Possible Sensitive Session Information Leak in Active Storage

https://notcve.org/view.php?id=CVE-2024-26144

Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. • https://github.com/gmo-ierae/CVE-2024-26144-test https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433 https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3 https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml https://security.netapp.com/advisory/ntap-20240510 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2024-26143 – Rails Possible XSS Vulnerability in Action Controller

https://notcve.org/view.php?id=CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1. Rails es un framework de aplicación web. • https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml https://security.netapp.com/advisory/ntap-20240510-0004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-22797

https://notcve.org/view.php?id=CVE-2023-22797

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability. • https://discuss.rubyonrails.org/t/cve-2023-22799-possible-redos-based-dos-vulnerability-in-globalid/82127 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-22792 – rubygem-actionpack: Denial of Service in Action Dispatch

https://notcve.org/view.php?id=CVE-2023-22792

A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. A flaw was found in the rubygem-actionpack. RubyGem's actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the Action Dispatch module. • https://discuss.rubyonrails.org/t/cve-2023-22792-possible-redos-based-dos-vulnerability-in-action-dispatch/82115 https://security.netapp.com/advisory/ntap-20240202-0007 https://www.debian.org/security/2023/dsa-5372 https://access.redhat.com/security/cve/CVE-2023-22792 https://bugzilla.redhat.com/show_bug.cgi?id=2164800 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •