rails-7.0.4.3.gem: 23 vulnerabilities (highest severity is: 7.5) #4
Labels
Mend: dependency security vulnerability
Security vulnerability detected by Mend
Comments
mend-for-github-com
bot
added
the
Mend: dependency security vulnerability
1 task
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
mend-for-github-com
bot
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-7.0.4.3.gem
Vulnerabilities
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Vulnerable Library - net-imap-0.3.4.gem
Ruby client api for Internet Message Access Protocol
Library home page: https://rubygems.org/gems/net-imap-0.3.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/net-imap-0.3.4.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5.
Publish Date: 2025-04-28
URL: CVE-2025-43857
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Release Date: 2025-04-28
Fix Resolution: https://github.com/ruby/net-imap.git - v0.2.5
Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, "Rack::Static" can serve files under the specified "root:" even if "urls:" are provided, which may expose other files under the specified "root:" unexpectedly. The vulnerability occurs because "Rack::Static" does not properly sanitize user-supplied paths before serving files. Specifically, encoded path traversal sequences are not correctly validated, allowing attackers to access files outside the designated static file directory. By exploiting this vulnerability, an attacker can gain access to all files under the specified "root:" directory, provided they are able to determine then path of the file. Versions 2.2.13, 3.0.14, and 3.1.12 contain a patch for the issue. Other mitigations include removing usage of "Rack::Static", or ensuring that "root:" points at a directory path which only contains files which should be accessed publicly. It is likely that a CDN or similar static file server would also mitigate the issue.
Publish Date: 2025-03-10
URL: CVE-2025-27610
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Vulnerable Library - actionpack-7.0.4.3.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionpack-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to version 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. One may use Ruby 3.2 as a workaround. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected.
Publish Date: 2024-10-16
URL: CVE-2024-41128
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-x76w-6vjr-8xgj
Release Date: 2024-10-16
Fix Resolution: actionpack - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
Vulnerable Library - net-imap-0.3.4.gem
Ruby client api for Internet Message Access Protocol
Library home page: https://rubygems.org/gems/net-imap-0.3.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/net-imap-0.3.4.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in "net-imap"'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed "uid-set" data which is automatically read by the client's receiver thread. The response parser uses "Range#to_a" to convert the "uid-set" data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory.
Publish Date: 2025-02-10
URL: CVE-2025-25186
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
For more information on CVSS3 Scores, click here.Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious content into logs. When a user provides the authorization credentials via Rack::Auth::Basic, if success, the username will be put in env['REMOTE_USER'] and later be used by Rack::CommonLogger for logging purposes. The issue occurs when a server intentionally or unintentionally allows a user creation with the username contain CRLF and white space characters, or the server just want to log every login attempts. If an attacker enters a username with CRLF character, the logger will log the malicious username with CRLF characters into the logfile. Attackers can break log formats or insert fraudulent entries, potentially obscuring real activity or injecting malicious data into log files. Versions 2.2.11, 3.0.12, and 3.1.10 contain a fix.
Publish Date: 2025-02-12
URL: CVE-2025-25184
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: High
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-7g2v-jj9q-g3rg
Release Date: 2025-02-12
Fix Resolution: rack - 2.2.11,3.0.12,3.1.11
Vulnerable Library - actionpack-7.0.4.3.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionpack-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the "content_security_policy" helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set Content-Security-Policy (CSP) headers dynamically from untrusted user input may be vulnerable to carefully crafted inputs being able to inject new directives into the CSP. This could lead to a bypass of the CSP and its protection against XSS and other attacks. Versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1 contain a fix. As a workaround, applications can avoid setting CSP headers dynamically from untrusted input, or can validate/sanitize that input.
Publish Date: 2024-12-10
URL: CVE-2024-54133
CVSS 3 Score Details (6.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-vfm5-rmrh-j26v
Release Date: 2024-12-10
Fix Resolution: actionpack - 7.0.8.7,7.1.5.1,7.2.2.1,8.0.0.1
Vulnerable Library - rails-7.0.4.3.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1.
Publish Date: 2024-02-27
URL: CVE-2024-26143
CVSS 3 Score Details (6.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-9822-6m93-xqf4
Release Date: 2024-02-27
Fix Resolution: rails - 7.0.8.1,7.1.3.1
⛑️ Automatic Remediation will be attempted for this issue.
Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the
Rack::Filemiddleware or theRack::Utils.byte_rangesmethods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.Publish Date: 2024-02-28
URL: CVE-2024-26141
CVSS 3 Score Details (5.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2024-26141
Release Date: 2024-02-28
Fix Resolution: rack - 2.2.8.1,3.0.9.1
Vulnerable Library - actionpack-7.0.4.3.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionpack-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Publish Date: 2024-06-04
URL: CVE-2024-28103
CVSS 3 Score Details (5.4)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-fwhr-88qx-h9g7
Release Date: 2024-06-04
Fix Resolution: actionpack - 6.1.7.8,7.0.8.4,7.1.3.4
Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
Publish Date: 2025-03-04
URL: CVE-2025-27111
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-8cgq-6mh2-7j6v
Release Date: 2025-03-04
Fix Resolution: 3.0.13
Vulnerable Library - actionmailer-7.0.4.3.gem
Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments.
Library home page: https://rubygems.org/gems/actionmailer-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionmailer-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the
block_formathelper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected.Publish Date: 2024-10-16
URL: CVE-2024-47889
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-h47h-mwp9-c6q6
Release Date: 2024-10-16
Fix Resolution: actionmailer - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
Vulnerable Library - actiontext-7.0.4.3.gem
Edit and display rich text in Rails applications.
Library home page: https://rubygems.org/gems/actiontext-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actiontext-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the
plain_text_for_blockquote_node helperin Action Text. Carefully crafted text can cause theplain_text_for_blockquote_nodehelper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid callingplain_text_for_blockquote_nodeor upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected.Publish Date: 2024-10-16
URL: CVE-2024-47888
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-wwhv-wxv9-rpgw
Release Date: 2024-10-16
Fix Resolution: actiontext - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
Vulnerable Library - actionpack-7.0.4.3.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionpack-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authentication via
authenticate_or_request_with_http_tokenor similar, a carefully crafted header may cause header parsing to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. One may choose to use Ruby 3.2 as a workaround.Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected.Publish Date: 2024-10-16
URL: CVE-2024-47887
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-vfg9-r3fq-jvx4
Release Date: 2024-10-16
Fix Resolution: actionpack - 6.1.7.9,7.0.8.5,7.1.4.1,7.2.1.1
Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1.
Publish Date: 2024-02-28
URL: CVE-2024-26146
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2024-26146
Release Date: 2024-02-28
Fix Resolution: rack - 2.0.9.4,2.1.4.4,2.2.8.1,3.0.9.1
Vulnerable Library - rails-7.0.4.3.gem
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7.
Publish Date: 2024-02-27
URL: CVE-2024-26144
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Vulnerable Library - rack-2.2.7.gem
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Library home page: https://rubygems.org/gems/rack-2.2.7.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-2.2.7.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1.
Publish Date: 2024-02-28
URL: CVE-2024-25126
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-22f2-v57c-j9cx
Release Date: 2024-02-28
Fix Resolution: rack - 2.2.8.1,3.0.9.1
Vulnerable Library - rails-html-sanitizer-1.5.0.gem
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.5.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-html-sanitizer-1.5.0.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags for the the "noscript" element. This vulnerability is fixed in 1.6.1.
Publish Date: 2024-12-02
URL: CVE-2024-53989
CVSS 3 Score Details (4.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-rxv5-gxqc-xx8g
Release Date: 2024-12-02
Fix Resolution: rails-html-sanitizer - 1.6.1
Vulnerable Library - rails-html-sanitizer-1.5.0.gem
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.5.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-html-sanitizer-1.5.0.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags where the "math", "mtext", "table", and "style" elements are allowed and either either "mglyph" or "malignmark" are allowed. This vulnerability is fixed in 1.6.1.
Publish Date: 2024-12-02
URL: CVE-2024-53988
CVSS 3 Score Details (4.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-cfjx-w229-hgx5
Release Date: 2024-12-02
Fix Resolution: rails-html-sanitizer - 1.6.1
Vulnerable Library - rails-html-sanitizer-1.5.0.gem
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.5.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-html-sanitizer-1.5.0.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags where the "style" element is explicitly allowed and the "svg" or "math" element is not allowed. This vulnerability is fixed in 1.6.1.
Publish Date: 2024-12-02
URL: CVE-2024-53987
CVSS 3 Score Details (4.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-2x5m-9ch4-qgrr
Release Date: 2024-12-02
Fix Resolution: rails-html-sanitizer - 1.6.1
Vulnerable Library - rails-html-sanitizer-1.5.0.gem
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.5.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-html-sanitizer-1.5.0.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags where the "math" and "style" elements are both explicitly allowed. This vulnerability is fixed in 1.6.1.
Publish Date: 2024-12-02
URL: CVE-2024-53986
CVSS 3 Score Details (4.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-638j-pmjw-jq48
Release Date: 2024-12-02
Fix Resolution: rails-html-sanitizer - 1.6.1
Vulnerable Library - rails-html-sanitizer-1.5.0.gem
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.5.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rails-html-sanitizer-1.5.0.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0 and Nokogiri < 1.15.7, or 1.16.x < 1.16.8. The XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags with both "math" and "style" elements or both both "svg" and "style" elements. This vulnerability is fixed in 1.6.1.
Publish Date: 2024-12-02
URL: CVE-2024-53985
CVSS 3 Score Details (4.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-w8gc-x259-rc7x
Release Date: 2024-12-02
Fix Resolution: rails-html-sanitizer - 1.6.1
Vulnerable Library - activesupport-7.0.4.3.gem
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
Library home page: https://rubygems.org/gems/activesupport-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activesupport-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Active Support Possibly Discloses Locally Encrypted Files
Publish Date: 2025-01-09
URL: CVE-2023-38037
CVSS 3 Score Details (4.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-cr5q-6q9f-rq6q
Release Date: 2024-11-29
Fix Resolution: activesupport - 6.1.7.5,7.0.7.1
Vulnerable Library - actionpack-7.0.4.3.gem
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-7.0.4.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/actionpack-7.0.4.3.gem
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
A possible Cross-Site Scripting (XSS) vulnerability was found in actionpack gem. The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. The vulnerability is fixed in versions 6.1.7.4 and 7.0.5.1.
Publish Date: 2025-01-09
URL: CVE-2023-28362
CVSS 3 Score Details (4.0)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132
Release Date: 2024-12-03
Fix Resolution: actionpack - 6.1.7.3,7.0.5.1
⛑️Automatic Remediation will be attempted for this issue.
The text was updated successfully, but these errors were encountered: