Lucene search
K

308 matches found

OSV
OSV
added 2024/11/22 2:23 p.m.3 views

OESA-2024-2477 rubygem-sinatra security update

Sinatra is a DSL intended for quickly creating web-applications in Ruby with minimal effort. Security Fixes: Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a...

8.8CVSS7AI score0.00642EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 2:23 p.m.4 views

OESA-2024-2476 rubygem-sinatra security update

Sinatra is a DSL intended for quickly creating web-applications in Ruby with minimal effort. Security Fixes: Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a...

8.8CVSS7AI score0.00642EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 2:23 p.m.3 views

OESA-2024-2474 rubygem-sinatra security update

Sinatra is a DSL intended for quickly creating web-applications in Ruby with minimal effort. Security Fixes: Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a...

8.8CVSS7AI score0.00642EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 2:23 p.m.3 views

OESA-2024-2475 rubygem-sinatra security update

Sinatra is a DSL intended for quickly creating web-applications in Ruby with minimal effort. Security Fixes: Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a...

8.8CVSS7AI score0.00642EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2024/11/06 4:8 a.m.5 views

SUSE CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS8.6AI score0.00476EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/11/01 9:59 a.m.11 views

CVE-2024-21510

A flaw was found in Sinatra. This vulnerability allows an Open Redirect attack via the X-Forwarded-Host XFH header, potentially enabling Cache Poisoning or Server-Side Request Forgery SSRF when used in caching servers or reverse proxies...

5.4CVSS5.4AI score0.00476EPSS
Exploits0References7
OSV
OSV
added 2024/11/01 6:30 a.m.6 views

GHSA-HXX2-7VCW-MQR3 Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS5.7AI score0.00476EPSS
Exploits0References9
Chainguard
Chainguard
added 2024/11/01 6:30 a.m.7 views

GHSA-HXX2-7VCW-MQR3 vulnerabilities

Vulnerabilities for packages: ruby3.2-sinatra, gitlab-cng, logstash, ruby3.3-sinatra...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2024/11/01 6:30 a.m.5 views

GHSA-HXX2-7VCW-MQR3 vulnerabilities

Vulnerabilities for packages: ruby3.3-sinatra, logstash, ruby3.2-sinatra...

5.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/11/01 6:30 a.m.24 views

Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS6.9AI score0.00476EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2024/11/01 5:15 a.m.11 views

CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS0.00476EPSS
Exploits0References4
OSV
OSV
added 2024/11/01 5:15 a.m.12 views

CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS5.5AI score
Exploits0References4
Chainguard
Chainguard
added 2024/11/01 5:15 a.m.5 views

CVE-2024-21510 vulnerabilities

Vulnerabilities for packages: ruby3.2-sinatra, gitlab-cng, logstash, ruby3.3-sinatra...

5.4CVSS6.5AI score0.00476EPSS
Exploits0
Wolfi
Wolfi
added 2024/11/01 5:15 a.m.22 views

CVE-2024-21510 vulnerabilities

Vulnerabilities for packages: ruby3.3-sinatra, logstash, ruby3.2-sinatra...

5.4CVSS6.5AI score0.00476EPSS
Exploits0
OSV
OSV
added 2024/11/01 5:15 a.m.4 views

DEBIAN-CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS6.5AI score0.00476EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 5:0 a.m.299 views

CVE-2024-21510

CVE-2024-21510 affects Sinatra (Ruby): versions of the package sinatra from 0.0.0 are vulnerable. The issue arises from reliance on untrusted inputs via the X-Forwarded-Host header, enabling an Open Redirect when a request with a redirect is made. If such a header is used for caching (e.g., with ...

5.4CVSS7AI score0.00476EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/01 5:0 a.m.14 views

CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS7AI score0.00476EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/01 5:0 a.m.23 views

CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS0.00476EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/11/01 5:0 a.m.8 views

CVE-2024-21510

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into...

5.4CVSS6.5AI score0.00476EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.2 views

Sinatra 安全漏洞

Sinatra is a Sinatra open source DSL for quickly creating web applications in Ruby with minimal effort A security vulnerability exists in Sinatra. An attacker exploiting this vulnerability can trigger an open redirection attack by inserting an arbitrary address in the header...

5.4CVSS6.9AI score0.00476EPSS
Exploits0References5
Rows per page
Query Builder