11 matches found
[SECURITY] [DSA 5372-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5372-1 [email protected] https://www.debian.org/security/ Aron Xu March 13, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
actionpack Open Redirect in Host Authorization Middleware
Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. For example, configuration files...
Possible Open Redirect in Host Authorization Middleware
There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
Security Bulletin: A security vulnerability in Ruby on Rails Action Pack affects IBM Cloud Pak for Multicloud Management Infrastructure Management
Summary A security vulnerability in Ruby on Rails Action Pack affects IBM Cloud Pak for Multicloud Management Infrastructure Management. Vulnerability Details CVEID: CVE-2021-22942 DESCRIPTION: Ruby on Rails Action Pack could allow a remote attacker to conduct phishing attacks, caused by an open...
Internet Bug Bounty: The Host Authorization middleware in Action Pack is vulnerable to crafted X-Forwarded-Host values
Title: The Host Authorization middleware in Action Pack is vulnerable to crafted X-Forwarded-Host values Scope: https://github.com/rails/rails Weakness: Open Redirect Severity: Medium Link: https://hackerone.com/reports/1189310 Date: 2021-05-09 06:29:19 +0000 By: @mshtawy CVE IDs: CVE-2021-22942,...
CVE-2021-22942
creationtimestamp| type| source ---|---|--- 2021-10-18 16:32:09+00:00| seen| https://t.me/cibsecurity/30689 2024-02-02 15:27:17+00:00| seen| https://t.me/ctinow/178113...
UBUNTU-CVE-2021-22942
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack = 6.0.0 that could allow attackers to redirect users to a malicious website...
CVE-2021-22942
CVE-2021-22942 describes an open redirect in Ruby on Rails Action Pack’s Host Authorization middleware (versions ≥ 6.0.0). Affected: Rails Action Pack/OpenRedirect via Host Authorization where specially crafted X-Forwarded-Host headers with certain allowed-host formats (e.g., leading dot in confi...
GHSA-2RQW-V265-JF8C Open Redirect in ActionPack
Overview There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942. Versions Affected: = 6.0.0. Not affected: 6.0.0 Fixed Versions: 6.1.4.1, 6.0.4.1 Impact Specially crafted...
Open Redirect in ActionPack
Overview There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942. Versions Affected: = 6.0.0. Not affected: 6.0.0 Fixed Versions: 6.1.4.1, 6.0.4.1 Impact Specially crafted...
Possible Open Redirect in Host Authorization Middleware
There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942. Versions Affected: = 6.0.0. Not affected: 6.0.0 Fixed Versions: 6.1.4.1, 6.0.4.1 Impact ------ Specially crafted...