CVE-2021-22942

Опубликовано: 18 окт. 2021

Источник: debian

EPSS Низкий

Описание

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rails	fixed	2:6.1.4.1+dfsg-1	experimental	package
rails	fixed	2:6.1.4.1+dfsg-3		package
rails	not-affected		buster	package
rails	not-affected		stretch	package

Примечания

https://www.openwall.com/lists/oss-security/2021/08/20/1

EPSS

Процентиль: 69%

0.0061

Низкий

Связанные уязвимости

CVE-2021-22942

CVSS3: 6.1

ubuntu

больше 4 лет назад

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

CVE-2021-22942

CVSS3: 5.4

redhat

больше 4 лет назад

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

CVE-2021-22942

CVSS3: 6.1

nvd

больше 4 лет назад

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

GHSA-2rqw-v265-jf8c

CVSS3: 6.1

github

больше 4 лет назад

Open Redirect in ActionPack

EPSS

Процентиль: 69%

0.0061

Низкий