Nexmo / nexmo-rails-quickstart

Nexmo Quickstart Examples for Ruby on Rails
MIT License

rails-5.2.2.gem: 9 vulnerabilities (highest severity is: 9.8) - autoclosed #5

Closed mend-for-github-com[bot] closed 1 year ago

mend-for-github-com[bot] commented 2 years ago
Vulnerable Library - rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Vulnerabilities

| CVE | Severity | CVSS | Dependency | Type | Fixed in | Remediation Available |
|---|---|---|---|---|---|---|
| CVE-2022-21831 | High | 9.8 | activestorage-5.2.2.gem | Transitive | N/A | |
| CVE-2019-5420 | High | 9.8 | rails-5.2.2.gem | Direct | 5.2.2.1, 6.0.0.beta3 | Yes |
| CVE-2019-5419 | High | 7.5 | rails-5.2.2.gem | Direct | 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1 | Yes |
| CVE-2019-5418 | High | 7.5 | rails-5.2.2.gem | Direct | 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1 | Yes |
| CVE-2020-8162 | High | 7.5 | activestorage-5.2.2.gem | Transitive | N/A | |
| CVE-2021-22880 | High | 7.5 | detected in multiple dependencies | Transitive | N/A | Yes |
| CVE-2020-7663 | High | 7.5 | websocket-extensions-0.1.3.gem | Transitive | N/A | |
| CVE-2022-32224 | High | 7.0 | activerecord-5.2.2.gem | Transitive | N/A | |
| CVE-2020-8167 | Medium | 6.5 | rails-5.2.2.gem | Direct | 6.0.3.1, 5.2.4.3 | Yes |

Details

**CVE-2022-21831**

### Vulnerable Library - activestorage-5.2.2.gem

Attach cloud and local files in Rails applications.

Library home page: https://rubygems.org/gems/activestorage-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activestorage-5.2.2.gem

Dependency Hierarchy:
- rails-5.2.2.gem (Root Library)
  - :x: **activestorage-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.

Publish Date: 2022-05-26

URL: CVE-2022-21831

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-w749-p3v6-hccq

Release Date: 2022-05-26

Fix Resolution: activestorage - 5.2.6.3,6.0.4.7,6.1.4.7,7.0.2.3

**CVE-2019-5420**

### Vulnerable Library - rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Dependency Hierarchy:
- :x: **rails-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.

Publish Date: 2019-03-27

URL: CVE-2019-5420

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/

Release Date: 2019-03-27

Fix Resolution: 5.2.2.1,6.0.0.beta3

:rescue_worker_helmet: Automatic Remediation is available for this issue

**CVE-2019-5419**

### Vulnerable Library - rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Dependency Hierarchy:
- :x: **rails-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.

Publish Date: 2019-03-27

URL: CVE-2019-5419

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/

Release Date: 2020-10-16

Fix Resolution: 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1

:rescue_worker_helmet: Automatic Remediation is available for this issue

**CVE-2019-5418**

### Vulnerable Library - rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Dependency Hierarchy:
- :x: **rails-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.

Publish Date: 2019-03-27

URL: CVE-2019-5418

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/

Release Date: 2020-10-16

Fix Resolution: 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1

:rescue_worker_helmet: Automatic Remediation is available for this issue

**CVE-2020-8162**

### Vulnerable Library - activestorage-5.2.2.gem

Attach cloud and local files in Rails applications.

Library home page: https://rubygems.org/gems/activestorage-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activestorage-5.2.2.gem

Dependency Hierarchy:
- rails-5.2.2.gem (Root Library)
  - :x: **activestorage-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.

Publish Date: 2020-06-19

URL: CVE-2020-8162

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-m42x-37p3-fv5w

Release Date: 2020-06-19

Fix Resolution: 5.2.4.3,6.0.3.1

**CVE-2021-22880**

### Vulnerable Libraries - activerecord-5.2.2.gem, rails-5.2.2.gem

### activerecord-5.2.2.gem

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

Library home page: https://rubygems.org/gems/activerecord-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.2.2.gem

Dependency Hierarchy:
- rails-5.2.2.gem (Root Library)
  - :x: **activerecord-5.2.2.gem** (Vulnerable Library)

### rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Dependency Hierarchy:
- :x: **rails-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.

Publish Date: 2021-02-11

URL: CVE-2021-22880

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://discuss.rubyonrails.org/t/cve-2021-22880-possible-dos-vulnerability-in-active-record-postgresql-adapter/77129

Release Date: 2021-02-11

Fix Resolution: 5.2.4.5,6.0.3.5,6.1.2.1

:rescue_worker_helmet: Automatic Remediation is available for this issue

**CVE-2020-7663**

### Vulnerable Library - websocket-extensions-0.1.3.gem

Library home page: https://rubygems.org/gems/websocket-extensions-0.1.3.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/websocket-extensions-0.1.3.gem

Dependency Hierarchy:
- rails-5.2.2.gem (Root Library)
  - actioncable-5.2.2.gem
    - websocket-driver-0.7.0.gem
      - :x: **websocket-extensions-0.1.3.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.

Publish Date: 2020-06-02

URL: CVE-2020-7663

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663

Release Date: 2020-09-17

Fix Resolution: websocket-extensions:0.1.5

**CVE-2022-32224**

### Vulnerable Library - activerecord-5.2.2.gem

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

Library home page: https://rubygems.org/gems/activerecord-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activerecord-5.2.2.gem

Dependency Hierarchy:
- rails-5.2.2.gem (Root Library)
  - :x: **activerecord-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

RCE bug with Serialized Columns in Active Record before 5.2.8.1, 6.0.0 and before 6.0.5.1, 6.1.0 and before 6.1.6.1, 7.0.0 and before 7.0.3. When serialized columns that use YAML (the default) are deserialized, Rails uses YAML.unsafe_load to convert the YAML data into Ruby objects. If an attacker can manipulate data in the database (via means like SQL injection), then it may be possible for the attacker to escalate to an RCE.

Publish Date: 2022-06-02

URL: CVE-2022-32224

### CVSS 3 Score Details (7.0)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j

Release Date: 2022-06-02

Fix Resolution: activerecord - 5.2.8.1,6.0.5.1,6.1.6.1,7.0.3.1

**CVE-2020-8167**

### Vulnerable Library - rails-5.2.2.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.2.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /cache/rails-5.2.2.gem

Dependency Hierarchy:
- :x: **rails-5.2.2.gem** (Vulnerable Library)

Found in HEAD commit: 7d45750902e2450bdb22ac9f0b6cd476803f070a

Found in base branch: main

### Vulnerability Details

A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.

Publish Date: 2020-06-19

URL: CVE-2020-8167

### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://rubygems.org/gems/rails/versions/6.0.3.1

Release Date: 2020-06-19

Fix Resolution: 6.0.3.1,5.2.4.3

:rescue_worker_helmet: Automatic Remediation is available for this issue

:rescue_worker_helmet: Automatic Remediation is available for this issue.

mend-for-github-com[bot] commented 1 year ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.