From 786e9571d41e0dc5b4ed6e6ab96e7038196bcdf8 Mon Sep 17 00:00:00 2001
From: ag
Date: Tue, 27 Feb 2024 08:43:11 +0100
Subject: [PATCH] commit by to_remotes 2024-02-27 08:43:11 +0100 from vmdevac
---
 bundle-audit-time.txt | 2 +-
 bundle-audit.json | 2 +-
 report.txt | 42 +++++++++++++++++++++++++++++++++++++++++-
 update-info.txt | 16 +--------------
 4 files changed, 44 insertions(+), 18 deletions(-)
diff --git a/bundle-audit-time.txt b/bundle-audit-time.txt
index 7f4df79..85606be 100644
--- a/bundle-audit-time.txt
+++ b/bundle-audit-time.txt
@@ -1 +1 @@
-2024-02-27T08:12:04+01:00
+2024-02-27T08:43:10+01:00
diff --git a/bundle-audit.json b/bundle-audit.json
index 3ec461e..2d5a1e1 100644
--- a/bundle-audit.json
+++ b/bundle-audit.json
@@ -1 +1 @@
-{"version":"0.9.1","created_at":"2024-02-27 08:12:03 +0100","results":[]}
\ No newline at end of file
+{"version":"0.9.1","created_at":"2024-02-27 08:43:10 +0100","results":[{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.1.3"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2024-26142.yml","id":"CVE-2024-26142","url":"https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946","title":"Possible ReDoS vulnerability in Accept header parsing in Action Dispatch","date":"2024-02-21","description":"There is a possible ReDoS vulnerability in the Accept header parsing routines\nof Action Dispatch. This vulnerability has been assigned the CVE identifier\nCVE-2024-26142.\n\nVersions Affected: >= 7.1.0, < 7.1.3.1 Not affected: < 7.1.0 Fixed Versions: 7.1.3.1\n\n# Impact\n\nCarefully crafted Accept headers can cause Accept header parsing in\nAction Dispatch to take an unexpected amount of time, possibly resulting in a\nDoS vulnerability. 
All users running an affected release should either upgrade\nor use one of the workarounds immediately.\n\nRuby 3.2 has mitigations for this problem, so Rails applications using\nRuby 3.2 or newer are unaffected.\n\n# Releases\n\nThe fixed releases are available at the normal locations.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-26142","osvdb":null,"ghsa":null,"unaffected_versions":["< 7.1.0"],"patched_versions":[">= 7.1.3.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.1.3"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2024-26143.yml","id":"CVE-2024-26143","url":"https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947","title":"Possible XSS Vulnerability in Action Controller","date":"2024-02-21","description":"There is a possible XSS vulnerability when using the translation helpers\n(`translate`, `t`, etc) in Action Controller. This vulnerability has been\nassigned the CVE identifier CVE-2024-26143.\n\nVersions Affected: >= 7.0.0\nNot affected: < 7.0.0\nFixed Versions: 7.1.3.1, 7.0.8.1\n\n# Impact\n\nApplications using translation methods like `translate`, or `t` on a\ncontroller, with a key ending in “_html”, a `:default` key which contains\nuntrusted user input, and the resulting string is used in a view, may be\nsusceptible to an XSS vulnerability.\n\nFor example, impacted code will look something like this:\n\n```\nclass ArticlesController < ApplicationController\n def show\n @message = t(\"message_html\", default: untrusted_input)\n # The `show` template displays the contents of `@message`\n end\nend\n```\n\nTo reiterate the pre-conditions, applications must:\n\n* Use a translation function from a controller (i.e. 
*not* `I18n.t`, or\n`t` from a view)\n* Use a key that ends in `_html`\n* Use a default value where the default value is untrusted and unescaped input\n* Send the text to the victim (whether that’s part of a template, or a\n `render` call)\n\nAll users running an affected release should either upgrade or use one of the workarounds immediately.\n\n# Releases\n\nThe fixed releases are available at the normal locations.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-26143","osvdb":null,"ghsa":null,"unaffected_versions":["< 7.0.0"],"patched_versions":["~> 7.0.8, >= 7.0.8.1",">= 7.1.3.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"rack","version":"3.0.9"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rack/CVE-2024-25126.yml","id":"CVE-2024-25126","url":"https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941","title":"Denial of Service Vulnerability in Rack Content-Type Parsing","date":"2024-02-21","description":"There is a possible denial of service vulnerability in the content type\nparsing component of Rack. 
This vulnerability has been assigned the CVE\nidentifier CVE-2024-25126.\n\nVersions Affected: >= 0.4 Not affected: < 0.4 Fixed Versions: 3.0.9.1, 2.2.8.1\n\n# Impact\n\nCarefully crafted content type headers can cause Rack’s media type parser to\ntake much longer than expected, leading to a possible denial of service\nvulnerability.\n\nImpacted code will use Rack’s media type parser to parse content type headers.\nThis code will look like below:\n\n```\nrequest.media_type\n\n## OR\nrequest.media_type_params\n\n## OR\nRack::MediaType.type(content_type)\n```\n\nSome frameworks (including Rails) call this code internally, so upgrading is\nrecommended!\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\n# Releases\n\nThe fixed releases are available at the normal locations.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-25126","osvdb":null,"ghsa":null,"unaffected_versions":["< 0.4"],"patched_versions":["~> 2.2.8, >= 2.2.8.1",">= 3.0.9.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"rack","version":"3.0.9"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rack/CVE-2024-26141.yml","id":"CVE-2024-26141","url":"https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944","title":"Possible DoS Vulnerability with Range Header in Rack","date":"2024-02-21","description":"There is a possible DoS vulnerability relating to the Range request header in\nRack. This vulnerability has been assigned the CVE identifier CVE-2024-26141.\n\nVersions Affected: >= 1.3.0. Not affected: < 1.3.0 Fixed Versions: 3.0.9.1, 2.2.8.1\n\n# Impact\n\nCarefully crafted Range headers can cause a server to respond with an\nunexpectedly large response. 
Responding with such large responses could lead\nto a denial of service issue.\n\nVulnerable applications will use the `Rack::File` middleware or the\n`Rack::Utils.byte_ranges` methods (this includes Rails applications).\n\n# Releases\n\nThe fixed releases are available at the normal locations.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-26141","osvdb":null,"ghsa":null,"unaffected_versions":["< 1.3.0"],"patched_versions":["~> 2.2.8, >= 2.2.8.1",">= 3.0.9.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"rack","version":"3.0.9"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rack/CVE-2024-26146.yml","id":"CVE-2024-26146","url":"https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942","title":"Possible Denial of Service Vulnerability in Rack Header Parsing","date":"2024-02-21","description":"There is a possible denial of service vulnerability in the header parsing\nroutines in Rack. This vulnerability has been assigned the CVE identifier\nCVE-2024-26146.\n\nVersions Affected: All. Not affected: None Fixed Versions: 2.0.9.4, 2.1.4.4, 2.2.8.1, 3.0.9.1\n\n# Impact\n\nCarefully crafted headers can cause header parsing in Rack to take longer than\nexpected resulting in a possible denial of service issue. `Accept` and\n`Forwarded` headers are impacted.\n\nRuby 3.2 has mitigations for this problem, so Rack applications using\nRuby 3.2 or newer are unaffected.\n\n# Releases\n\nThe fixed releases are available at the normal locations.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-26146","osvdb":null,"ghsa":null,"unaffected_versions":[],"patched_versions":["~> 2.0.9, >= 2.0.9.4","~> 2.1.4, >= 2.1.4.4","~> 2.2.8, >= 2.2.8.1",">= 3.0.9.1"],"criticality":null}}]}
\ No newline at end of file
diff --git a/report.txt b/report.txt
index 8900c02..c2a3203 100644
--- a/report.txt
+++ b/report.txt
@@ -1 +1,41 @@
-No vulnerabilities found
+Name: actionpack
+Version: 7.1.3
+CVE: CVE-2024-26142
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946
+Title: Possible ReDoS vulnerability in Accept header parsing in Action Dispatch
+Solution: upgrade to '>= 7.1.3.1'
+
+Name: actionpack
+Version: 7.1.3
+CVE: CVE-2024-26143
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
+Title: Possible XSS Vulnerability in Action Controller
+Solution: upgrade to '~> 7.0.8, >= 7.0.8.1', '>= 7.1.3.1'
+
+Name: rack
+Version: 3.0.9
+CVE: CVE-2024-25126
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
+Title: Denial of Service Vulnerability in Rack Content-Type Parsing
+Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'
+
+Name: rack
+Version: 3.0.9
+CVE: CVE-2024-26141
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
+Title: Possible DoS Vulnerability with Range Header in Rack
+Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'
+
+Name: rack
+Version: 3.0.9
+CVE: CVE-2024-26146
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
+Title: Possible Denial of Service Vulnerability in Rack Header Parsing
+Solution: upgrade to '~> 2.0.9, >= 2.0.9.4', '~> 2.1.4, >= 2.1.4.4', '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'
+
+Vulnerabilities found!
diff --git a/update-info.txt b/update-info.txt
index 9cf29bc..fb58890 100644
--- a/update-info.txt
+++ b/update-info.txt
@@ -1,19 +1,5 @@
 Updating ruby-advisory-db ...
-Updating 4dbb13b..fc2aa0d
-Fast-forward
- gems/actionpack/CVE-2024-26142.yml | 35 +++++++++++++++++++++
- gems/actionpack/CVE-2024-26143.yml | 57 +++++++++++++++++++++++++++++++++++
- gems/activestorage/CVE-2024-26144.yml | 43 ++++++++++++++++++++++++
- gems/rack/CVE-2024-25126.yml | 57 +++++++++++++++++++++++++++++++++++
- gems/rack/CVE-2024-26141.yml | 40 ++++++++++++++++++++++++
- gems/rack/CVE-2024-26146.yml | 41 +++++++++++++++++++++++++
- 6 files changed, 273 insertions(+)
- create mode 100644 gems/actionpack/CVE-2024-26142.yml
- create mode 100644 gems/actionpack/CVE-2024-26143.yml
- create mode 100644 gems/activestorage/CVE-2024-26144.yml
- create mode 100644 gems/rack/CVE-2024-25126.yml
- create mode 100644 gems/rack/CVE-2024-26141.yml
- create mode 100644 gems/rack/CVE-2024-26146.yml
+Already up to date.
 Updated ruby-advisory-db
 ruby-advisory-db:
 advisories: 874 advisories