Commit

Updated advisory posts against rubysec/ruby-advisory-db@abe5f92
ThomasKoppensteiner authored and RubySec CI committed Nov 19, 2024
1 parent 96ee92a commit de10847
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions advisories/_posts/2024-11-01-CVE-2024-21510.md
Expand Up @@ -24,13 +24,17 @@ advisory:
handling the X-Forwarded-Host header, attackers can potentially
exploit Cache Poisoning or Routing-based SSRF.
cvss_v3: 5.4
notes: Never patched
patched_versions:
- ">= 4.1.0"
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2024-21510
- https://security.snyk.io/vuln/SNYK-RUBY-SINATRA-6483832
- https://github.com/sinatra/sinatra/pull/2010
- https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
- https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L319
- https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L323C1-L343C17
- https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
- https://github.com/sinatra/sinatra/issues/2052
- https://github.com/sinatra/sinatra/pull/2010
- https://github.com/sinatra/sinatra/pull/2053
- https://github.com/sinatra/sinatra/commit/cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8
---
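
Review bot: `notes: Never patched` and `patched_versions: - ">= 4.1.0"` sit next to each other in this hunk and contradict each other, so please confirm the `notes` line is one of the three deletions and does not survive in the resulting file. In the `related: url:` list, `https://github.com/advisories/GHSA-hxx2-7vcw-mqr3` and `https://github.com/sinatra/sinatra/pull/2010` each appear twice as rendered here; if the earlier copies are not the removed lines, deduplicate the list. It is also worth checking that the newly referenced commit `cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8` is contained in the 4.1.0 release, since `patched_versions` is what tooling will use to decide whether a locked Sinatra version is still flagged.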
