Bugzilla – Bug 1182160
VUL-0: CVE-2021-22881: rubygem-actionpack: open redirect vulnerability via `Host` headers
Last modified: 2021-02-12 08:37:44 UTC
CVE-2021-22881
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. When an allowed host contains a leading dot, a specially crafted `Host` header can be used to redirect to a malicious website.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22881
https://discuss.rubyonrails.org/t/cve-2021-22881-possible-open-redirect-in-host-authorization-middleware/77130
https://hackerone.com/reports/1047447
https://discuss.rubyonrails.org/t/cve-2021-22881-possible-open-redirect-in-host-authorization-middleware/77130

Not affected: < 6.0.0
Fixed Versions: 6.1.2.1, 6.0.3.5

Only Factory is affected. All SUSE and openSUSE versions are prior to 6.0.0.
openSUSE:Factory/rubygem-actionpack-6.0

Closing bug.
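As an added illustration (not code from Action Pack or from this bug report), the Ruby snippet below contrasts a permissive matcher for leading-dot allowed hosts with a strict one that only accepts DNS-valid labels in front of the configured domain, which is the defensive property a Host allowlist needs; the allowed-host list and the sample Host values are constructed.

```ruby
# Added example, not Rails' own code: a host-allowlist check in the spirit of
# Action Pack's Host Authorization middleware. An allowed host with a leading
# dot ("." + domain) is meant to match the domain itself and its subdomains.
# The weak matcher accepts *any* non-empty prefix before the dot; the strict
# matcher only accepts well-formed DNS labels there, so a Host value that is
# not a plain hostname is never treated as allowed.

# One DNS label: alphanumerics and inner hyphens only (assumed definition).
LABEL = /[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/i

# Weak: any non-empty prefix may precede the configured domain.
def weak_pattern(allowed)
  if allowed.start_with?(".")
    /\A(.+\.)?#{Regexp.escape(allowed[1..])}\z/i
  else
    /\A#{Regexp.escape(allowed)}\z/i
  end
end

# Strict: only DNS-valid labels may precede the configured domain.
def strict_pattern(allowed)
  if allowed.start_with?(".")
    /\A(?:#{LABEL}\.)*#{Regexp.escape(allowed[1..])}\z/i
  else
    /\A#{Regexp.escape(allowed)}\z/i
  end
end

# Drop an optional ":port" suffix, as a Host header value is usually
# normalised, then test the bare host against every allowed entry.
def host_allowed?(host_header, allowed_hosts, strict: true)
  host = host_header.sub(/:\d+\z/, "")
  allowed_hosts.any? do |allowed|
    pattern = strict ? strict_pattern(allowed) : weak_pattern(allowed)
    pattern.match?(host)
  end
end

ALLOWED = [".example.com"].freeze # constructed allowlist

if __FILE__ == $PROGRAM_NAME
  # Constructed Host values: a plain subdomain with a port, and one that is
  # not a valid hostname but still slips past the weak matcher.
  ["example.com", "api.example.com:3000", "not-example.com", "x!y.example.com"].each do |h|
    puts format("%-24s weak=%-5s strict=%s", h,
                host_allowed?(h, ALLOWED, strict: false), host_allowed?(h, ALLOWED))
  end
end
```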