exploitDog
GHSA-8cgq-6mh2-7j6v

Published: 04 Mar 2025
Source: github
GitHub: reviewed
CVSS4: 6.9

Description

Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection

Summary

Rack::Sendfile can be exploited by crafting input that includes newline characters to manipulate log entries.

Details

The Rack::Sendfile middleware logs unsanitized header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection.

Impact

This vulnerability can distort log files, obscure attack traces, and complicate security auditing.

Mitigation

  • Update to the latest version of Rack, or
  • Remove usage of Rack::Sendfile.
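An added example (not Rack's own code) showing the defensive fix for the CWE-117 / CWE-93 issue described above: an untrusted header value is escaped before it is written to the log, so it can never start a forged log line. The log message text, the header value and the helper names are constructed for this example.

```ruby
# Escape CR, LF, ESC and every other C0 control character so that a logged
# value occupies exactly one line and cannot carry a terminal escape sequence.
def sanitize_for_log(value)
  value.to_s.gsub(/[\x00-\x1f\x7f]/) do |ch|
    case ch
    when "\n" then "\\n"
    when "\r" then "\\r"
    when "\t" then "\\t"
    else format("\\x%02x", ch.ord)   # e.g. ESC (0x1b) becomes the text \x1b
    end
  end
end

# Build the log entry an application would emit for an unsupported
# X-Sendfile-Type value (message wording is constructed for this example).
# sanitize: false reproduces the unsafe behaviour; true is the fixed form.
def sendfile_log_line(header_value, sanitize: true)
  shown = sanitize ? sanitize_for_log(header_value) : header_value.to_s
  "Unknown x-sendfile variation: '#{shown}'."
end

# Count the physical lines an entry occupies once written to a log file.
# A correct sanitizer always yields 1, whatever the input contained.
def physical_line_count(entry)
  entry.split(/\r?\n|\r/, -1).length
end

# Constructed sample: a header value carrying a CRLF (which would start a
# second, forged "[INFO]" line) and a bare ESC character.
CRAFTED_HEADER = "X-Accel-Redirect\r\n[INFO] forged entry\e"

if __FILE__ == $PROGRAM_NAME
  unsafe = sendfile_log_line(CRAFTED_HEADER, sanitize: false)
  safe   = sendfile_log_line(CRAFTED_HEADER)
  puts "unsafe entry spans #{physical_line_count(unsafe)} log lines"
  puts "safe entry spans   #{physical_line_count(safe)} log line"
  puts safe
end
```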

Packages

Name   Ecosystem   Affected versions    Fixed version
rack   rubygems    < 2.2.12             2.2.12
rack   rubygems    >= 3.0, < 3.0.13     3.0.13
rack   rubygems    >= 3.1, < 3.1.11     3.1.11

EPSS

Percentile: 42%
Score: 0.00193 (Low)

CVSS4: 6.9 Medium

Weaknesses (CWE)

CWE-117
CWE-93

Related vulnerabilities

ubuntu
4 months ago

Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.

CVSS3: 5.3
redhat
4 months ago

Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.

nvd
4 months ago

Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.

debian
4 months ago

Rack is a modular Ruby web server interface. The Rack::Sendfile middle ...

suse-cvrf
about 1 month ago

Security update for rubygem-rack-1_6
