RubySecRUBY:MECHANIZE-2022-31033

HistoryJun 08, 2022 - 9:00 p.m.

Authorization header leak on port redirect in mechanize

2022-06-0821:00:00

RubySec

rubysec.com

JSON

Summary

Mechanize (rubygem) < v2.8.5 leaks the Authorization header after a
redirect to a different port on the same site.

Mitigation

Upgrade to Mechanize v2.8.5 or later.

Notes

See https://curl.se/docs/CVE-2022-27776.html for a similar vulnerability in curl.

Cookies are shared with a server at a different port on the same site, per
https://datatracker.ietf.org/doc/html/rfc6265#section-8.5 which states in part:

> Cookies do not provide isolation by port. If a cookie is readable
> by a service running on one port, the cookie is also readable by a
> service running on another port of the same server. If a cookie is
> writable by a service on one port, the cookie is also writable by a
> service running on another port of the same server. For this
> reason, servers SHOULD NOT both run mutually distrusting services on
> different ports of the same host and use cookies to store security-
> sensitive information.

CPENameOperatorVersion
mechanizelt2.8.5

CPE	Name	Operator	Version
	mechanize	lt	2.8.5

References

github.com/sparklemotion/mechanize/security/advisories/GHSA-64qm-hrgp-pgr9

veracode 1

alpinelinux 1

redhatcve 1

hackerone 3

ibm 21

debiancve 1

osv 10

ubuntucve 1

prion 1

mscve 1

cbl_mariner 1

cve 1

freebsd 2

openvas 27

nessus 40

github 4

suse 1

fedora 4

slackware 1

redhat 16

amazon 2

rocky 1

cloudfoundry 1

oraclelinux 2

ubuntu 1

mageia 1

almalinux 1

redos 1

rosalinux 1

photon 6

debian 2

gentoo 1

mskb 4

kaspersky 1

rapid7blog 1

tenable 1

ics 1

veracode

Information Disclosure

2022-04-30 16:23:48

alpinelinux

CVE-2022-27776

2022-06-02 14:15:00

redhatcve

CVE-2022-27776

2022-04-27 06:55:50

hackerone

curl: Credential leak on redirect

2022-05-13 11:31:21

curl: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-21 15:20:43

Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-27 07:10:47

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-27776

2022-11-04 18:06:17

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to data information exposure in cURL libcurl (CVE-2022-27776)

2023-01-12 21:59:00

Security Bulletin: IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint has addressed multiple security vulnerabilities (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)

2023-02-02 16:36:32

debiancve

CVE-2022-27776

2022-06-02 14:15:00

osv

CVE-2022-27776

2022-06-02 14:15:43

Change in port should be considered a change in origin

2022-06-21 20:07:16

Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect

2022-06-09 23:47:57

ubuntucve

CVE-2022-27776

2022-04-27 00:00:00

prion

Design/Logic Flaw

2022-06-02 14:15:00

mscve

HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data

2022-07-12 07:00:00

cbl_mariner

CVE-2022-27776 affecting package curl 7.76.0-9

2022-05-12 02:16:39

cve

CVE-2022-27776

2022-06-02 14:15:00

freebsd

mediawiki -- multiple vulnerabilities

2022-05-16 00:00:00

cURL -- Multiple vulnerabilities

2022-04-27 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2022:1680-1)

2022-05-17 00:00:00

openSUSE: Security Advisory for curl (SUSE-SU-2022:1657-1)

2022-05-17 00:00:00

Fedora: Security Advisory for mediawiki (FEDORA-2022-f83aec6d57)

2022-09-10 00:00:00

nessus

FreeBSD : mediawiki -- multiple vulnerabilities (5ab54ea0-fa94-11ec-996c-080027b24e86)

2022-07-03 00:00:00

SUSE SLES12 Security Update : curl (SUSE-SU-2022:1680-1)

2022-05-17 00:00:00

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:1657-1)

2022-05-14 00:00:00

github

Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect

2022-06-09 23:47:57

CURLOPT_HTTPAUTH option not cleared on change of origin

2022-06-21 16:57:10

Change in port should be considered a change in origin

2022-06-21 20:07:16

suse

Security update for curl (moderate)

2022-05-13 00:00:00

fedora

[SECURITY] Fedora 37 Update: mediawiki-1.38.2-1.fc37

2022-09-12 17:57:50

[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36

2022-05-07 05:15:01

[SECURITY] Fedora 35 Update: curl-7.79.1-4.fc35

2022-05-18 01:11:50

slackware

[slackware-security] curl

2022-04-27 21:48:34

redhat

(RHSA-2022:5313) Moderate: curl security update

2022-06-28 10:52:02

(RHSA-2022:5245) Moderate: curl security update

2022-06-28 08:27:15

(RHSA-2022:5699) Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update

2022-07-28 14:39:39

amazon

Medium: curl

2022-05-04 01:01:00

Medium: curl

2022-12-01 17:33:00

rocky

curl security update

2022-06-28 10:52:02

cloudfoundry

USN-5397-1: curl vulnerabilities | Cloud Foundry

2022-05-23 00:00:00

oraclelinux

curl security update

2022-06-30 00:00:00

curl security update

2022-06-30 00:00:00

ubuntu

curl vulnerabilities

2022-04-28 00:00:00

mageia

Updated curl packages fix security vulnerability

2022-05-02 22:44:52

almalinux

Moderate: curl security update

2022-06-30 00:00:00

redos

ROS-20220516-09

2022-05-16 00:00:00

rosalinux

Advisory ROSA-SA-2023-2220

2023-08-22 13:18:19

photon

Important Photon OS Security Update - PHSA-2022-0205

2022-06-27 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0205

2022-06-27 00:00:00

Important Photon OS Security Update - PHSA-2022-0486

2022-06-19 00:00:00

debian

[SECURITY] [DLA 3085-1] curl security update

2022-08-28 23:00:51

[SECURITY] [DSA 5197-1] curl security update

2022-08-01 16:58:44

gentoo

curl: Multiple Vulnerabilities

2022-12-19 00:00:00

mskb

July 12, 2022—KB5015814 (OS Build 22000.795)

2022-07-12 07:00:00

July 12, 2022—KB5015811 (OS Build 17763.3165)

2022-07-12 07:00:00

July 12, 2022—KB5015827 (OS Build 20348.825)

2022-07-12 07:00:00

kaspersky

KLA12580 Multiple vulnerabilities in Microsoft Windows

2022-07-12 00:00:00

rapid7blog

Patch Tuesday - July 2022

2022-07-12 19:40:15

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

Authorization header leak on port redirect in mechanize

References

Related