Описание
Possible code injection vulnerability in Rails / Active Storage
The Active Storage module of Rails starting with version 5.2.0 is possibly vulnerable to code injection. This issue was patched in versions 5.2.6.3, 6.0.4.7, 6.1.4.7, and 7.0.2.3. To work around this issue, applications should implement a strict allow-list on accepted transformation methods or arguments. Additionally, a strict ImageMagick security policy will help mitigate this issue.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-21831
- https://github.com/rails/rails/commit/0a72f7d670e9aa77a0bb8584cb1411ddabb7546e
- https://github.com/advisories/GHSA-w749-p3v6-hccq
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2022-21831.yml
- https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI
- https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
- https://rubysec.com/advisories/CVE-2022-21831
- https://security.netapp.com/advisory/ntap-20221118-0001
- https://www.debian.org/security/2023/dsa-5372
Пакеты
activestorage
>= 5.2.0, <= 5.2.6.2
5.2.6.3
activestorage
>= 6.0.0, <= 6.0.4.6
6.0.4.7
activestorage
>= 6.1.0, <= 6.1.4.6
6.1.4.7
activestorage
>= 7.0.0, <= 7.0.2.2
7.0.2.3
Связанные уязвимости
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
A code injection vulnerability exists in the Active Storage >= v5.2.0 ...
Уязвимость модуля Active Storage программной платформы Ruby on Rails, позволяющая нарушителю выполнить произвольный код