5 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-22903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain allowed...
SUSE CVE-2021-22903
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to...
The vulnerability in the Host Authorization middleware of the actionpack ruby gem in the Ruby on Rails software platform arises from insufficient input validation. This allows attackers to access sensitive data and compromise its integrity.
The vulnerability in the Host Authorization middleware of the actionpack ruby gem in the Ruby on Rails software platform relates to the conversion of strings in config.hosts without a leading dot into regular expressions without proper escaping. Exploiting this vulnerability can allow an attacke...
UBUNTU-CVE-2021-22903
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). There is a possible Open Redirect Vulnerability in Action Pack. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in...