First published: Tue Dec 14 2021(Updated: )
A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
Credit: support@hackerone.com support@hackerone.com support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/rails | 2:5.2.2.1+dfsg-1+deb10u3 2:5.2.2.1+dfsg-1+deb10u5 2:6.0.3.7+dfsg-2+deb11u2 2:6.1.7.3+dfsg-1 2:6.1.7.3+dfsg-2 | |
debian/rails | <=2:6.1.4.1+dfsg-8<=2:6.0.3.7+dfsg-2 | |
Rubyonrails Rails | =6.0.4.2 | |
Rubyonrails Rails | =6.1.4.2 | |
Rubyonrails Rails | =7.0.0-rc2 | |
rubygems/actionpack | >=6.1.0<=6.1.4.1 | 6.1.4.2 |
rubygems/actionpack | >=6.0.0<=6.0.4.1 | 6.0.4.2 |
=6.0.4.2 | ||
=6.1.4.2 | ||
=7.0.0-rc2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-44528 is an open redirect vulnerability in Action Pack, a component of Ruby on Rails.
CVE-2021-44528 can be exploited by an attacker using specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats to redirect users to a malicious website.
Applications using Action Pack versions between 6.0.0 and 6.0.4.1 or between 6.1.0 and 6.1.4.1 may be impacted by CVE-2021-44528.
CVE-2021-44528 has a severity rating of 6.1 (High).
To mitigate CVE-2021-44528, upgrade to version 6.0.4.2 or 6.1.4.2 of Action Pack, which contain the necessary fixes.