6 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-21510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When makin...
Reliance On Untrusted Inputs In A Security Decision
Sinatra is vulnerable to Reliance on Untrusted Inputs in a Security Decision. The vulnerability is due to improper handling of the X-Forwarded-Host header, allowing attackers to exploit Open Redirect Attacks, Cache Poisoning, or Routing-based SSRF through untrusted...
CVE-2024-21510
A flaw was found in Sinatra. This vulnerability allows an Open Redirect attack via the X-Forwarded-Host (XFH) header, potentially enabling Cache Poisoning or Server-Side Request Forgery (SSRF) when used in caching servers or reverse proxies...
GHSA-HXX2-7VCW-MQR3 Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...
CVE-2024-21510
CVE-2024-21510 affects Sinatra (Ruby): versions of the package sinatra from 0.0.0 are vulnerable. The issue arises from reliance on untrusted inputs via the X-Forwarded-Host header, enabling an Open Redirect when a request with a redirect is made. If such a header is used for caching (e.g., with ...
CVE-2024-21510
Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...