Updated advisory posts against rubysec/ruby-advisory-db@a30efc4

rubysec · Nov 2, 2024 · 5e1d0c5 · 5e1d0c5
1 parent 96d91e8
commit 5e1d0c5
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/advisories/_posts/2024-11-01-CVE-2024-21510.md b/advisories/_posts/2024-11-01-CVE-2024-21510.md
@@ -0,0 +1,36 @@
+---
+layout: advisory
+title: 'CVE-2024-21510 (sinatra): Sinatra vulnerable to Reliance on Untrusted Inputs
+  in a Security Decision'
+comments: false
+categories:
+- sinatra
+advisory:
+  gem: sinatra
+  cve: 2024-21510
+  ghsa: hxx2-7vcw-mqr3
+  url: https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
+  title: Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
+  date: 2024-11-01
+  description: |
+    Versions of the package sinatra from 0.0.0 are vulnerable to
+    Reliance on Untrusted Inputs in a Security Decision via the
+    X-Forwarded-Host (XFH) header.
+
+    When making a request to a method with redirect applied, it is
+    possible to trigger an Open Redirect Attack by inserting an
+    arbitrary address into this header. If used for caching purposes,
+    such as with servers like Nginx, or as a reverse proxy, without
+    handling the X-Forwarded-Host header, attackers can potentially
+    exploit Cache Poisoning or Routing-based SSRF.
+  cvss_v3: 5.4
+  notes: Never patched
+  related:
+    url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-21510
+    - https://security.snyk.io/vuln/SNYK-RUBY-SINATRA-6483832
+    - https://github.com/sinatra/sinatra/pull/2010
+    - https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L319
+    - https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L323C1-L343C17
+    - https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
+---