CVE-2021-41819
ruby: Cookie prefix spoofing in CGI::Cookie.parse
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CGI::Cookie.parse en Ruby versiones hasta 2.6.8, maneja inapropiadamente los prefijos de seguridad en los nombres de las cookies. Esto tambiƩn afecta a CGI gem versiones hasta 0.3.0 para Ruby.
A flaw was found in Ruby. RubyGems cgi gem could allow a remote attacker to conduct spoofing attacks caused by the mishandling of security prefixes in cookie names in the CGI::Cookie.parse function. By sending a specially-crafted request, an attacker could perform cookie prefix spoofing attacks.
It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-09-29 CVE Reserved
- 2022-01-01 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-565: Reliance on Cookies without Validation and Integrity Checking
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20220121-0003 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819 | 2024-08-04 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ruby-lang Search vendor "Ruby-lang" | Cgi Search vendor "Ruby-lang" for product "Cgi" | 0.1.0 Search vendor "Ruby-lang" for product "Cgi" and version "0.1.0" | ruby |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Cgi Search vendor "Ruby-lang" for product "Cgi" | 0.2.0 Search vendor "Ruby-lang" for product "Cgi" and version "0.2.0" | ruby |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Cgi Search vendor "Ruby-lang" for product "Cgi" | 0.3.0 Search vendor "Ruby-lang" for product "Cgi" and version "0.3.0" | ruby |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | <= 2.6.8 Search vendor "Ruby-lang" for product "Ruby" and version " <= 2.6.8" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | >= 2.7.0 < 2.7.5 Search vendor "Ruby-lang" for product "Ruby" and version " >= 2.7.0 < 2.7.5" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | >= 3.0.0 < 3.0.3 Search vendor "Ruby-lang" for product "Ruby" and version " >= 3.0.0 < 3.0.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Software Collections Search vendor "Redhat" for product "Software Collections" | - | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Search vendor "Suse" for product "Linux Enterprise" | 11.0 Search vendor "Suse" for product "Linux Enterprise" and version "11.0" | sp1 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Search vendor "Suse" for product "Linux Enterprise" | 12.0 Search vendor "Suse" for product "Linux Enterprise" and version "12.0" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Search vendor "Suse" for product "Linux Enterprise" | 15.0 Search vendor "Suse" for product "Linux Enterprise" and version "15.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Factory Search vendor "Opensuse" for product "Factory" | - | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.2 Search vendor "Opensuse" for product "Leap" and version "15.2" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||