Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0160
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Ruby on Rails. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 7.1.x antérieures à 7.1.3.1 | ||
| Ruby on Rails | N/A | Rack versions 3.0.x antérieures à 3.0.9.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions antérieures à 6.1.7.7 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 7.0.x antérieures à 7.0.8.1 | ||
| Ruby on Rails | N/A | Rack versions antérieures à 2.2.8.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ruby on Rails versions 7.1.x ant\u00e9rieures \u00e0 7.1.3.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Rack versions 3.0.x ant\u00e9rieures \u00e0 3.0.9.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions ant\u00e9rieures \u00e0 6.1.7.7",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 7.0.x ant\u00e9rieures \u00e0 7.0.8.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Rack versions ant\u00e9rieures \u00e0 2.2.8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2024-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26143"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2024-26142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26142"
},
{
"name": "CVE-2024-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26144"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0160",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ruby on Rails.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection\nde code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Ruby on Rails",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84946 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84941 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84944 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84942 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84945 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84947 du 21 f\u00e9vrier 2024",
"url": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947"
}
]
}
CVE-2024-26146 (GCVE-0-2024-26146)
Vulnerability from cvelistv5 – Published: 2024-02-28 23:28 – Updated: 2025-02-13 17:41
VLAI?
EPSS
Summary
Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1.
Severity ?
5.3 (Medium)
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rack_project:rack:2.2.0:*:*:*:*:ruby:*:*",
"cpe:2.3:a:rack_project:rack:2.1.0:*:*:*:*:ruby:*:*",
"cpe:2.3:a:rack_project:rack:3.0.0:-:*:*:*:ruby:*:*"
],
"defaultStatus": "unknown",
"product": "rack",
"vendor": "rack_project",
"versions": [
{
"lessThan": "2.1.4.4",
"status": "affected",
"version": "2.1.0",
"versionType": "custom"
},
{
"lessThan": "2.2.8.1",
"status": "affected",
"version": "2.2.0",
"versionType": "custom"
},
{
"lessThan": "3.0.9.1",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*"
],
"defaultStatus": "unknown",
"product": "rack",
"vendor": "rack_project",
"versions": [
{
"lessThan": "2.0.9.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-29T17:31:54.207314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:39:52.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f"
},
{
"name": "https://github.com/rack/rack/commit/30b8e39a578b25d4bdcc082c1c52c6f164b59716",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/30b8e39a578b25d4bdcc082c1c52c6f164b59716"
},
{
"name": "https://github.com/rack/rack/commit/6c5d90bdcec0949f7ba06db62fb740dab394b582",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/6c5d90bdcec0949f7ba06db62fb740dab394b582"
},
{
"name": "https://github.com/rack/rack/commit/a227cd793778c7c3a827d32808058571569cda6f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/a227cd793778c7c3a827d32808058571569cda6f"
},
{
"name": "https://github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26146.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26146.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240510-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.9.1"
},
{
"status": "affected",
"version": "\u003e= 2.2.0, \u003c 2.2.8.1"
},
{
"status": "affected",
"version": "\u003e= 2.1.0, \u003c 2.1.4.4"
},
{
"status": "affected",
"version": "\u003c 2.0.9.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:12:58.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f"
},
{
"name": "https://github.com/rack/rack/commit/30b8e39a578b25d4bdcc082c1c52c6f164b59716",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/30b8e39a578b25d4bdcc082c1c52c6f164b59716"
},
{
"name": "https://github.com/rack/rack/commit/6c5d90bdcec0949f7ba06db62fb740dab394b582",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/6c5d90bdcec0949f7ba06db62fb740dab394b582"
},
{
"name": "https://github.com/rack/rack/commit/a227cd793778c7c3a827d32808058571569cda6f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/a227cd793778c7c3a827d32808058571569cda6f"
},
{
"name": "https://github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26146.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26146.yml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240510-0006/"
}
],
"source": {
"advisory": "GHSA-54rr-7fvw-6x8f",
"discovery": "UNKNOWN"
},
"title": "Possible Denial of Service Vulnerability in Rack Header Parsing"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26146",
"datePublished": "2024-02-28T23:28:01.158Z",
"dateReserved": "2024-02-14T17:40:03.689Z",
"dateUpdated": "2025-02-13T17:41:07.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26144 (GCVE-0-2024-26144)
Vulnerability from cvelistv5 – Published: 2024-02-27 15:44 – Updated: 2025-02-13 17:41
VLAI?
EPSS
Summary
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g"
},
{
"name": "https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433"
},
{
"name": "https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240510-0013/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rails:rails:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rails",
"vendor": "rails",
"versions": [
{
"lessThan": "7.1.0",
"status": "affected",
"version": "5.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26144",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T14:01:13.600938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T14:45:52.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rails",
"vendor": "rails",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 6.1.7.7"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user\u0027s session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:07:14.017Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-8h22-8cf7-hq6g"
},
{
"name": "https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rails/rails/commit/723f54566023e91060a67b03353e7c03e7436433"
},
{
"name": "https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rails/rails/commit/78fe149509fac5b05e54187aaaef216fbb5fd0d3"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240510-0013/"
}
],
"source": {
"advisory": "GHSA-8h22-8cf7-hq6g",
"discovery": "UNKNOWN"
},
"title": "Possible Sensitive Session Information Leak in Active Storage"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26144",
"datePublished": "2024-02-27T15:44:04.166Z",
"dateReserved": "2024-02-14T17:40:03.688Z",
"dateUpdated": "2025-02-13T17:41:06.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26142 (GCVE-0-2024-26142)
Vulnerability from cvelistv5 – Published: 2024-02-27 15:25 – Updated: 2025-02-13 17:41
VLAI?
EPSS
Summary
Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected.
Severity ?
7.5 (High)
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
},
{
"name": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240503-0003/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rails:rails:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rails",
"vendor": "rails",
"versions": [
{
"lessThanOrEqual": "7.1.3.1",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26142",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-28T20:01:00.813235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T15:55:41.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rails",
"vendor": "rails",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.1.0, \u003c 7.1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T13:06:03.897Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
},
{
"name": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240503-0003/"
}
],
"source": {
"advisory": "GHSA-jjhx-jhvp-74wq",
"discovery": "UNKNOWN"
},
"title": "Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26142",
"datePublished": "2024-02-27T15:25:44.103Z",
"dateReserved": "2024-02-14T17:40:03.688Z",
"dateUpdated": "2025-02-13T17:41:05.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26141 (GCVE-0-2024-26141)
Vulnerability from cvelistv5 – Published: 2024-02-28 23:28 – Updated: 2025-02-13 17:41
VLAI?
EPSS
Summary
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.
Severity ?
5.8 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6"
},
{
"name": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9"
},
{
"name": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240510-0007/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*"
],
"defaultStatus": "unknown",
"product": "rack",
"vendor": "rack_project",
"versions": [
{
"lessThan": "3.0.9.1",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "2.2.8.1",
"status": "affected",
"version": "1.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T18:23:59.367185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:55:43.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.9.1"
},
{
"status": "affected",
"version": "\u003e= 1.3.0, \u003c 2.2.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:12:57.074Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6"
},
{
"name": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9"
},
{
"name": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240510-0007/"
}
],
"source": {
"advisory": "GHSA-xj5v-6v4g-jfw6",
"discovery": "UNKNOWN"
},
"title": "Possible DoS Vulnerability with Range Header in Rack"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26141",
"datePublished": "2024-02-28T23:28:10.503Z",
"dateReserved": "2024-02-14T17:40:03.688Z",
"dateUpdated": "2025-02-13T17:41:04.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26143 (GCVE-0-2024-26143)
Vulnerability from cvelistv5 – Published: 2024-02-27 15:33 – Updated: 2025-02-13 17:41
VLAI?
EPSS
Summary
Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-29T18:24:49.795683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:16.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4"
},
{
"name": "https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc"
},
{
"name": "https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240510-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rails",
"vendor": "rails",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.8.1"
},
{
"status": "affected",
"version": "\u003e= 7.1.0, \u003c 7.1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in \"_html\", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:11:24.075Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4"
},
{
"name": "https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc"
},
{
"name": "https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e"
},
{
"name": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240510-0004/"
}
],
"source": {
"advisory": "GHSA-9822-6m93-xqf4",
"discovery": "UNKNOWN"
},
"title": "Rails Possible XSS Vulnerability in Action Controller"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26143",
"datePublished": "2024-02-27T15:33:54.643Z",
"dateReserved": "2024-02-14T17:40:03.688Z",
"dateUpdated": "2025-02-13T17:41:06.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25126 (GCVE-0-2024-25126)
Vulnerability from cvelistv5 – Published: 2024-02-28 23:28 – Updated: 2025-02-13 17:40
VLAI?
EPSS
Summary
Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1.
Severity ?
5.3 (Medium)
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx"
},
{
"name": "https://github.com/rack/rack/commit/6efb2ceea003c4b195815a614e00438cbd543462",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/6efb2ceea003c4b195815a614e00438cbd543462"
},
{
"name": "https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49"
},
{
"name": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-25126.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-25126.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240510-0005/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rack_project:rack:3.0.0:rc1:*:*:*:ruby:*:*"
],
"defaultStatus": "unknown",
"product": "rack",
"vendor": "rack_project",
"versions": [
{
"lessThan": "3.0.9.1",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "2.2.8.1",
"status": "affected",
"version": "0.4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25126",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T17:41:06.470602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T17:43:32.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.9.1"
},
{
"status": "affected",
"version": "\u003e= 0.4, \u003c 2.2.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack\u2019s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:09:01.441Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx"
},
{
"name": "https://github.com/rack/rack/commit/6efb2ceea003c4b195815a614e00438cbd543462",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/6efb2ceea003c4b195815a614e00438cbd543462"
},
{
"name": "https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49"
},
{
"name": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941",
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-25126.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-25126.yml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240510-0005/"
}
],
"source": {
"advisory": "GHSA-22f2-v57c-j9cx",
"discovery": "UNKNOWN"
},
"title": "Rack ReDos in content type parsing (2nd degree polynomial)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25126",
"datePublished": "2024-02-28T23:28:07.073Z",
"dateReserved": "2024-02-05T14:14:46.381Z",
"dateUpdated": "2025-02-13T17:40:47.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…