CVE-2020-5217

🗓️ 10 Feb 2020 14:34:44Reported by redhat.comType

A flaw in rubygem-secure_headers allows directive injection, leading to potential script-src override

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 15
RubySec	secure_headers directive injection using semicolon	22 Jan 202021:00	–	rubygems
Github Security Blog	Directive injection when using dynamic overrides with user input	23 Jan 202002:28	–	github
Prion	Code injection	23 Jan 202003:15	–	prion
UbuntuCve	CVE-2020-5217	23 Jan 202000:00	–	ubuntucve
NVD	CVE-2020-5217	23 Jan 202003:15	–	nvd
Cvelist	CVE-2020-5217 Directive injection when using dynamic overrides with user input in RubyGems secure_headers	23 Jan 202002:15	–	cvelist
Veracode	Authorization Bypass	23 Jan 202006:12	–	veracode
CVE	CVE-2020-5217	23 Jan 202003:15	–	cve
OSV	GHSA-XQ52-RV6W-397C Directive injection when using dynamic overrides with user input	23 Jan 202002:28	–	osv
OSV	CVE-2020-5217	23 Jan 202003:15	–	osv

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-5217
github	www.github.com/twitter/secure_headers/security/advisories/GHSA-xq52-rv6w-397c
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Feb 2020 14:44Current

3.6Low risk

Vulners AI Score3.6

EPSS0.00363