9 matches found
RubyGem secure_headers injection vulnerability
RubyGems is a Ruby package manager from the RubyGems organization. The product is primarily used for distributing and managing Ruby packages. An injection vulnerability exists in RubyGem secureheaders versions prior to 3.9.0, prior to 5.2.0, and prior to 6.3.0. The vulnerability stems from a lack...
CVE-2020-5217
A flaw was found in rubygem-secureheaders in versions prior to 6.2.0, 5.1.0, and 3.8.0. If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a semicolon could be injected leading to directive injection which could be used to override a script-src directive. The...
CRLF Injection
secureheaders is vulnerable to CRLF injection. A newline character can be used to write arbitrary value into the Content-Security-Policy header via append/overridecontentsecuritypolicydirectives...
Code injection
In Secure Headers RubyGem secureheaders, a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a semicolon could be injected leading to directive injection. This could be us...
CVE-2020-5216 Limited header injection when using dynamic overrides with user input in RubyGems secure_headers
In Secure Headers RubyGem secureheaders, a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a newline could be injected leading to limited header injection. Upon seeing a...
GHSA-W978-RMPF-QMWG Limited header injection when using dynamic overrides with user input in RubyGems secure_headers
Impact If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a newline could be injected leading to limited header injection. Upon seeing a newline in the header, rails will silently create a new Content-Security-Policy header with the remaining value of the...
CVE-2020-5217 Directive injection when using dynamic overrides with user input in RubyGems secure_headers
In Secure Headers RubyGem secureheaders, a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a semicolon could be injected leading to directive injection. This could be us...
secure_headers header injection due to newline
If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a newline could be injected leading to limited header injection. Upon seeing a newline in the header, rails will silently create a new Content-Security-Policy header with the remaining value of the original...
secure_headers directive injection using semicolon
If user-supplied input was passed into append/overridecontentsecuritypolicydirectives, a semicolon could be injected leading to directive injection. This could be used to e.g. override a script-src directive. Duplicate directives are ignored and the first one wins. The directives in secureheaders...