exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2023-28362

около 1 года назад

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.

CVSS3: 4

EPSS: Низкий

CVE-2023-28362

больше 2 лет назад

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.

CVSS3: 4.7

EPSS: Низкий

CVE-2023-28362

около 1 года назад

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.

CVSS3: 4

EPSS: Низкий

CVE-2023-28362

около 1 года назад

The redirect_to method in Rails allows provided values to contain char ...

CVSS3: 4

EPSS: Низкий

SUSE-SU-2023:3229-1

больше 2 лет назад

Security update for rubygem-actionpack-5_1

EPSS: Низкий

GHSA-4g8v-vg43-wpgf

больше 2 лет назад

Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to

CVSS3: 4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-28362 The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.	CVSS3: 4	0% Низкий	около 1 года назад
CVE-2023-28362 The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.	CVSS3: 4.7	0% Низкий	больше 2 лет назад
CVE-2023-28362 The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.	CVSS3: 4	0% Низкий	около 1 года назад
CVE-2023-28362 The redirect_to method in Rails allows provided values to contain char ...	CVSS3: 4	0% Низкий	около 1 года назад
SUSE-SU-2023:3229-1 Security update for rubygem-actionpack-5_1		0% Низкий	больше 2 лет назад
GHSA-4g8v-vg43-wpgf Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to	CVSS3: 4	0% Низкий	больше 2 лет назад

Уязвимостей на страницу