GHSA SYNC: 1 brand new advisory

rubysec · Nov 2, 2024 · a30efc4 · a30efc4
1 parent d6a9089
commit a30efc4
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/gems/sinatra/CVE-2024-21510.yml b/gems/sinatra/CVE-2024-21510.yml
@@ -0,0 +1,28 @@
+---
+gem: sinatra
+cve: 2024-21510
+ghsa: hxx2-7vcw-mqr3
+url: https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
+title: Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
+date: 2024-11-01
+description: |
+  Versions of the package sinatra from 0.0.0 are vulnerable to
+  Reliance on Untrusted Inputs in a Security Decision via the
+  X-Forwarded-Host (XFH) header.
+
+  When making a request to a method with redirect applied, it is
+  possible to trigger an Open Redirect Attack by inserting an
+  arbitrary address into this header. If used for caching purposes,
+  such as with servers like Nginx, or as a reverse proxy, without
+  handling the X-Forwarded-Host header, attackers can potentially
+  exploit Cache Poisoning or Routing-based SSRF.
+cvss_v3: 5.4
+notes: Never patched
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-21510
+    - https://security.snyk.io/vuln/SNYK-RUBY-SINATRA-6483832
+    - https://github.com/sinatra/sinatra/pull/2010
+    - https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L319
+    - https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L323C1-L343C17
+    - https://github.com/advisories/GHSA-hxx2-7vcw-mqr3