Lucene search

Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect

🗓️ 09 Jun 2022 23:57:47Reported by GitHub Advisory DatabaseType

Mechanize v2.8.5 authorization header leak mitigatio

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 193
OSV	GHSA-64QM-HRGP-PGR9 Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect	9 Jun 202223:47	–	osv
OSV	UBUNTU-CVE-2022-31033	9 Jun 202220:15	–	osv
OSV	CVE-2022-31033	9 Jun 202220:15	–	osv
OSV	UBUNTU-CVE-2022-27776	27 Apr 202206:00	–	osv
OSV	CURL-CVE-2022-27776 Auth/cookie leak on redirect	27 Apr 202208:00	–	osv
OSV	CVE-2022-27776	2 Jun 202214:15	–	osv
OSV	GHSA-Q559-8M2M-G699 Change in port should be considered a change in origin	21 Jun 202220:07	–	osv
OSV	GHSA-25MQ-V84Q-4J7R CURLOPT_HTTPAUTH option not cleared on change of origin	21 Jun 202216:57	–	osv
OSV	SUSE-SU-2022:1680-1 Security update for curl	16 May 202209:09	–	osv
OSV	SUSE-SU-2022:1657-1 Security update for curl	13 May 202213:39	–	osv

Vulners

Node

mechanize_project mechanizeRange<2.8.5

Source	Link
github	www.github.com/sparklemotion/mechanize/security/advisories/GHSA-64qm-hrgp-pgr9
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-31033
github	www.github.com/sparklemotion/mechanize/commit/c7fe6996a5b95f9880653ba3bc548a8d4ef72317
github	www.github.com/rubysec/ruby-advisory-db/blob/master/gems/mechanize/CVE-2022-31033.yml
github	www.github.com/advisories/GHSA-64qm-hrgp-pgr9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jun 2022 23:47Current

7.2High risk

Vulners AI Score7.2

CVSS25

CVSS35.9 - 7.5

EPSS0.00557

SSVC