← voltar
CVE-2021-22942

CVE-2021-22942

EPSS 1.6%CWE-601
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.6%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
18 out 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.
Produtos afetados
n/a · https://github.com/rails/rails

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://security.netapp.com/advisory/ntap-20240202-0005/https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/https://www.debian.org/security/2023/dsa-5372http://www.openwall.com/lists/oss-security/2021/12/14/5