search

rvvergara / bookstore_rails_app

2 stars 1 forks source link

CVE-2021-44528 (Medium) detected in actionpack-5.2.3.gem, rails-5.2.3.gem - autoclosed #46

Closed mend-bolt-for-github[bot] closed 2 years ago

mend-bolt-for-github[bot] commented 2 years ago

CVE-2021-44528 - Medium Severity Vulnerability

Vulnerable Libraries - actionpack-5.2.3.gem, rails-5.2.3.gem

actionpack-5.2.3.gem

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem

Dependency Hierarchy: - pundit-matchers-1.6.0.gem (Root Library) - rspec-rails-3.8.2.gem - :x: **actionpack-5.2.3.gem** (Vulnerable Library)

rails-5.2.3.gem

Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.

Library home page: https://rubygems.org/gems/rails-5.2.3.gem

Dependency Hierarchy: - :x: **rails-5.2.3.gem** (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. For example, configuration files that look like this: ``` config.hosts << '.EXAMPLE.com' ``` When an allowed host contains a leading dot, a specially crafted Host header can be used to redirect to a malicious website. This vulnerability is similar to CVE-2021-22881 and CVE-2021-22942. Releases -------- The fixed releases are available at the normal locations. Patches ------- To aid users who aren't able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. * 6-0-host-authorzation-open-redirect.patch - Patch for 6.0 series * 6-1-host-authorzation-open-redirect.patch - Patch for 6.1 series * 7-0-host-authorzation-open-redirect.patch - Patch for 7.0 series Please note that only the 6.1.Z, 6.0.Z, and 5.2.Z series are supported at present. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.

Publish Date: 2021-12-03

URL: CVE-2021-44528

CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/rails/rails/commit/aecba3c301b80e9d5a63c30ea1b287bceaf2c107

Release Date: 2021-12-03

Fix Resolution: rails - 6.1.4.1,7.0.0

Step up your Open Source Security Game with WhiteSource here

mend-bolt-for-github[bot] commented 2 years ago

:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.