Published: 2021-07-28
Modified: 2021-07-28
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain allowed host formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping, so the `.` in the host name is treated as the regex "any character" metacharacter rather than a literal dot. This causes, for example, `config.hosts << "sub.example.com"` to permit a request with a Host header value of `sub-example.com`.
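The following is an added example, not code from this advisory or from the Rails project. It is a minimal Ruby model of the allow-list check (the `HostMatcher` module, its `escape:` flag and the port-stripping step are assumptions for this model, not Action Pack's API) that reproduces the unescaped conversion of a `config.hosts` entry to a regular expression alongside the escaped form, and shows that only the unescaped one accepts `sub-example.com` for an allow-list entry of `sub.example.com`.

```ruby
# Added example: a model of the Host Authorization allow-list check, modeled
# on (not copied from) Action Pack. HostMatcher, the `escape:` keyword and the
# port-stripping step are assumptions for this model, not Rails API.
module HostMatcher
  # Mirrors the two allowed host formats: a leading dot means "this domain and
  # any subdomain"; without it, the string should match one exact host
  # (case-insensitively). `escape: false` reproduces the unescaped conversion
  # described in the advisory; `escape: true` is the corrected behaviour.
  def self.pattern_for(allowed, escape:)
    if allowed.start_with?(".")
      # Subdomain wildcard: optional "label." prefix, then the literal base domain.
      /\A(.+\.)?#{Regexp.escape(allowed[1..])}\z/i
    else
      # Unescaped, "sub.example.com" becomes /\Asub.example.com\z/i, where each
      # "." matches any character; escaped it becomes /\Asub\.example\.com\z/i.
      body = escape ? Regexp.escape(allowed) : allowed
      /\A#{body}\z/i
    end
  end

  # Returns true if the Host header value matches any allow-list entry.
  # A ":port" suffix is stripped first (simplification for this model).
  def self.allowed?(hosts, host_header, escape:)
    host = host_header.sub(/:\d+\z/, "")
    hosts.any? { |h| pattern_for(h, escape: escape).match?(host) }
  end
end

# Constructed sample allow-list, in the two formats the advisory mentions.
ALLOWED_HOSTS = ["sub.example.com", ".trusted.example"].freeze

if __FILE__ == $0
  %w[sub.example.com sub-example.com subXexample.com
     api.trusted.example evil.example].each do |h|
    unescaped = HostMatcher.allowed?(ALLOWED_HOSTS, h, escape: false)
    escaped   = HostMatcher.allowed?(ALLOWED_HOSTS, h, escape: true)
    printf("%-22s unescaped=%-5s escaped=%s\n", h, unescaped, escaped)
  end
end
```

Run it and `sub-example.com` (and any other host where the dots are replaced by arbitrary characters) is accepted by the unescaped matcher but rejected once `Regexp.escape` is applied; the leading-dot wildcard entry behaves the same either way because that branch already escapes its input.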
Metric | NVD | openEuler |
---|---|---|
CVSS score | 6.1 | 6.1 |
Attack Vector | Network | Network |
Attack Complexity | Low | Low |
Privileges Required | None | None |
User Interaction | Required | Required |
Scope | Changed | Changed |
Confidentiality | Low | Low |
Integrity | Low | Low |
Availability | None | None |
Advisory | Summary | Published |
---|---|---|
KylinSec-SA-2021-1919 | Open redirect in the Action Pack Host Authorization middleware of the actionpack ruby gem before 6.1.3.2: config.hosts entries without a leading dot are converted to regular expressions without escaping, so `config.hosts << "sub.example.com"` also permits a Host header of `sub-example.com`. Similar to CVE-2021-22881. | 2021-07-28 |
Product | Package | Status |
---|---|---|
KY3.4-4A | rubygem-actionpack | Unaffected |