24 matches found
EUVD-2021-0631
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-22942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious...
BIT-RAILS-2021-44528
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
SUSE CVE-2021-22942
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website...
Open Redirect
rails is vulnerable to open redirect. A remote attacker is able to redirect users to malicious websites via a crafted X-Forwarded-Host header in combination with a certain "allowed host" format in the Host Authorization middleware...
CVE-2021-44528
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
CVE-2021-44528
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
Open redirect
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
CVE-2021-44528
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
CVE-2021-44528
An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft "X-Forwarded-Host" headers that, in combination with certain "allowed host" formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
Possible Open Redirect in Host Authorization Middleware
There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
CVE-2021-22942
CVE-2021-22942 describes an open redirect in Ruby on Rails Action Pack’s Host Authorization middleware (versions ≥ 6.0.0). Affected: Rails Action Pack/OpenRedirect via Host Authorization where specially crafted X-Forwarded-Host headers with certain allowed-host formats (e.g., leading dot in confi...
GHSA-2RQW-V265-JF8C Open Redirect in ActionPack
Overview: There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942. Versions Affected: >= 6.0.0. Not affected: < 6.0.0. Fixed Versions: 6.1.4.1, 6.0.4.1. Impact: Specially crafted...
Open Redirection
actionpack is vulnerable to open redirection. A malicious X-Forwarded-Host when used in combination with certain allowed host formats, can cause the Host Authorization middleware to redirect users to a malicious website...
CVE-2021-22942
A flaw was found in rubygem-actionpack. Specially crafted “X-Forwarded-Host” headers, in combination with certain “allowed host” formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. The highest threat from this vulnerability is to system...
CVE-2021-22903
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to...
CVE-2021-22903
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to...
Possible Open Redirect Vulnerability in Action Pack
There is a possible Open Redirect Vulnerability in Action Pack. Versions Affected: >= v6.1.0.rc2. Not affected: < v6.1.0.rc2. Fixed Versions: 6.1.3.2. Impact: This is similar to CVE-2021-22881. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host...
CVE-2021-22881
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious...
CVE-2021-22881
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious...