CVE-2021-44528

A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.

Published: Jan 10, 2022
Updated: Feb 10, 2024
CVE: CVE-2021-44528
GHSA: GHSA-qphc-hf5q-v8fc
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-601

Affected Software
References

Software	From	Fixed in
rubyonrails / rails	7.0.0-rc2	7.0.0-rc2.x
rubyonrails / rails	6.1.4.2	6.1.4.2.x
rubyonrails / rails	6.0.4.2	6.0.4.2.x
actionpack	6.0.0	6.0.4.2
actionpack	6.1.0	6.1.4.2

https://github.com/rails/rails/blob/v6.1.4.2/actionpack/CHANGELOG.md#rails-6142-december-14-2021
https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815
https://github.com/rails/rails/commit/aecba3c301b80e9d5a63c30ea1b287bceaf2c107
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-44528.yml
https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ
https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ?utm_medium=email&utm_source=footer
https://security.netapp.com/advisory/ntap-20240208-0003/
https://www.debian.org/security/2023/dsa-5372

Vulnerability Database

289,697

CVE-2021-44528