Lucene search
K

9 matches found

Amazon
Amazon
added 2025/05/13 12:0 a.m.17 views

Medium: pcs

Issue Overview: Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrar...

5.4CVSS6.9AI score0.00476EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.5 views

Medium: pcs

Issue Overview: Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrar...

5.4CVSS7AI score0.00476EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.5 views

Amazon Linux 2 : pcs (ALAS-2025-2853)

The version of pcs installed on the remote host is prior to 0.9.169-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2853 advisory. Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the...

5.4CVSS7.1AI score0.00476EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-21510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When makin...

5.4CVSS6.4AI score0.00476EPSS
Exploits0References3
OSV
OSV
added 2024/12/19 4:18 a.m.12 views

RLSA-2024:10987 Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Open Redirect Vulnerability in Sinatra via X-Forwarded-Host Header CVE-2024-21510 For more details about the security issues, including the impact, a CVSS score,...

5.4CVSS5.8AI score0.00476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.9 views

RockyLinux 8 : pcs (RLSA-2024:10987)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:10987 advisory. sinatra: Open Redirect Vulnerability in Sinatra via X-Forwarded-Host Header CVE-2024-21510 Tenable has extracted the preceding description block directly from th...

5.4CVSS6.9AI score0.00476EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.12 views

RHEL 8 : pcs (RHSA-2024:10987)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10987 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Open Redirect...

5.4CVSS7AI score0.00476EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/11/01 9:59 a.m.12 views

CVE-2024-21510

A flaw was found in Sinatra. This vulnerability allows an Open Redirect attack via the X-Forwarded-Host XFH header, potentially enabling Cache Poisoning or Server-Side Request Forgery SSRF when used in caching servers or reverse proxies...

5.4CVSS5.4AI score0.00476EPSS
Exploits0References7
Wolfi
Wolfi
added 2024/11/01 5:15 a.m.22 views

CVE-2024-21510 vulnerabilities

Vulnerabilities for packages: ruby3.3-sinatra, ruby3.2-sinatra, logstash...

5.4CVSS6.5AI score0.00476EPSS
Exploits0
Rows per page
Query Builder