Описание
Omniauth allows POST parameters to be stored in session
In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the environment of the callback phase.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-18076
- https://github.com/omniauth/omniauth/pull/867
- https://github.com/omniauth/omniauth/pull/867/commits/71866c5264122e196847a3980c43051446a03e9b
- https://bugs.debian.org/888523
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/omniauth/CVE-2017-18076.yml
- https://www.debian.org/security/2018/dsa-4109
Пакеты
omniauth
< 1.3.2
1.3.2
Связанные уязвимости
In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the environment of the callback phase.
In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the environment of the callback phase.
In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value ...