Vulnerability-Lookup

CVE-2022-23633 (GCVE-0-2022-23633)

Vulnerability from cvelistv5 – Published: 2022-02-11 00:00 – Updated: 2024-08-03 03:51

Title

Exposure of sensitive information in Action Pack

Summary

Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	rails	rails	Affected: >= 7.0.0.0, < 7.0.2.1 Affected: >= 6.1.0.0, < 6.1.4.5 Affected: >= 6.0.0.0, < 6.0.4.5 Affected: >= 5.0.0, < 5.2.6.1

FKIE_CVE-2022-23633

Vulnerability from fkie_nvd - Published: 2022-02-11 21:15 - Updated: 2024-11-21 06:48

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security-advisories@github.com	http://www.openwall.com/lists/oss-security/2022/02/11/5	Mailing List, Mitigation, Patch, Third Party Advisory
security-advisories@github.com	https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9	Mitigation, Third Party Advisory
security-advisories@github.com	https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html	Mailing List, Third Party Advisory
security-advisories@github.com	https://security.netapp.com/advisory/ntap-20240119-0013/
security-advisories@github.com	https://www.debian.org/security/2023/dsa-5372	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2022/02/11/5	Mailing List, Mitigation, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9	Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240119-0013/
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2023/dsa-5372	Third Party Advisory

Impacted products

Vendor	Product	Version
rubyonrails	rails	*
rubyonrails	rails	*
rubyonrails	rails	*
rubyonrails	rails	*
debian	debian_linux	10.0
debian	debian_linux	11.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "799C8F9A-10DD-4840-AAB5-F444DDA46FE2",
              "versionEndExcluding": "5.2.6.2",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7B860B-0F93-4C93-8C95-29D259A38C43",
              "versionEndExcluding": "6.0.4.6",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FC3F82-3521-470B-910E-395895BAB248",
              "versionEndExcluding": "6.1.4.6",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC6C96FF-285D-4378-86FF-AFB70FC339A3",
              "versionEndExcluding": "7.0.2.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used."
    },
    {
      "lang": "es",
      "value": "Action Pack es un marco de trabajo para manejar y responder a peticiones web. Bajo determinadas circunstancias los cuerpos de las respuestas no son cerradas. En el caso de que una respuesta *no* sea notificada de un \"close\", \"ActionDispatch::Executor\" no sabr\u00e1 restablecer el estado local del hilo para la siguiente petici\u00f3n. Esto puede conllevar a que sean filtrados datos a las siguientes peticiones. Esto ha sido corregido en Rails versiones 7.0.2.1, 6.1.4.5, 6.0.4.5 y 5.2.6.1. Es recomendado encarecidamente actualizar, pero para mitigar este problema puede usarse el middleware descrito en GHSA-wh98-p28r-vrc9"
    }
  ],
  "id": "CVE-2022-23633",
  "lastModified": "2024-11-21T06:48:58.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-11T21:15:11.990",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/02/11/5"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://security.netapp.com/advisory/ntap-20240119-0013/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/02/11/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20240119-0013/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5372"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-212"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2022-AVI-143

Vulnerability from certfr_avis - Published: 2022-02-14 - Updated: 2022-02-14

Une vulnérabilité a été découverte dans Ruby on Rails. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ruby on Rails	N/A	Rails versions 7.0.x antérieures à 7.0.2.1
Ruby on Rails	N/A	Rails versions 5.2.x antérieures à 5.2.6.1
Ruby on Rails	N/A	Rails versions 6.1.x antérieures à 6.1.4.5
Ruby on Rails	N/A	Rails versions 6.0.x antérieures à 6.0.4.5

References

Title

Publication Time

GSD-2022-23633

Vulnerability from gsd - Updated: 2022-02-11 00:00

Details

## Impact Under certain circumstances response bodies will not be closed, for example a bug in a webserver (https://github.com/puma/puma/pull/2812) or a bug in a Rack middleware. In the event a response is not notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests, especially when interacting with `ActiveSupport::CurrentAttributes`. Upgrading to the FIXED versions of Rails will ensure mitigation if this issue even in the context of a buggy webserver or middleware implementation. ## Patches This has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2. ## Workarounds Upgrading is highly recommended, but to work around this problem the following middleware can be used: ``` class GuardedExecutor < ActionDispatch::Executor def call(env) ensure_completed! super end private def ensure_completed! @executor.new.complete! if @executor.active? end end # Ensure the guard is inserted before ActionDispatch::Executor Rails.application.configure do config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor end ```

Aliases

CVE-2022-23633

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-23633",
    "description": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.",
    "id": "GSD-2022-23633",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-23633.html",
      "https://access.redhat.com/errata/RHSA-2022:5498",
      "https://www.debian.org/security/2023/dsa-5372"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "actionpack",
            "purl": "pkg:gem/actionpack"
          }
        }
      ],
      "aliases": [
        "CVE-2022-23633",
        "GHSA-wh98-p28r-vrc9"
      ],
      "details": "## Impact\n\nUnder certain circumstances response bodies will not be closed, for example a\nbug in a webserver (https://github.com/puma/puma/pull/2812) or a bug in a Rack\nmiddleware. In the event a response is not notified of a `close`,\n`ActionDispatch::Executor` will not know to reset thread local state for the\nnext request. This can lead to data being leaked to subsequent requests,\nespecially when interacting with `ActiveSupport::CurrentAttributes`.\n\nUpgrading to the FIXED versions of Rails will ensure mitigation if this issue\neven in the context of a buggy webserver or middleware implementation.\n\n## Patches\n\nThis has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2.\n\n## Workarounds\n\nUpgrading is highly recommended, but to work around this problem the following\nmiddleware can be used:\n\n```\nclass GuardedExecutor \u003c ActionDispatch::Executor\n  def call(env)\n    ensure_completed!\n    super\n  end\n\n  private\n\n    def ensure_completed!\n      @executor.new.complete! if @executor.active?\n    end\nend\n\n# Ensure the guard is inserted before ActionDispatch::Executor\nRails.application.configure do\n  config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor\nend\n```",
      "id": "GSD-2022-23633",
      "modified": "2022-02-11T00:00:00.000Z",
      "published": "2022-02-11T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ"
        },
        {
          "type": "WEB",
          "url": "https://github.com/rails/rails/commit/10c64a472f2f19a5e485bdac7d5106a76aeb29a5"
        },
        {
          "type": "WEB",
          "url": "https://github.com/rails/rails/blob/7-0-stable/actionpack/CHANGELOG.md#rails-7021-february-11-2022"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 7.4,
          "type": "CVSS_V3"
        }
      ],
      "summary": "Possible exposure of information vulnerability in Action Pack"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-23633",
        "STATE": "PUBLIC",
        "TITLE": "Exposure of sensitive information in Action Pack"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "rails",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003e= 7.0.0.0, \u003c 7.0.2.1"
                        },
                        {
                          "version_value": "\u003e= 6.1.0.0, \u003c 6.1.4.5"
                        },
                        {
                          "version_value": "\u003e= 6.0.0.0, \u003c 6.0.4.5"
                        },
                        {
                          "version_value": "\u003e= 5.0.0, \u003c 5.2.6.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "rails"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9",
            "refsource": "CONFIRM",
            "url": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9"
          },
          {
            "name": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da",
            "refsource": "MISC",
            "url": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da"
          },
          {
            "name": "[oss-security] 20220211 [CVE-2022-23633] Possible exposure of information vulnerability in Action Pack",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2022/02/11/5"
          },
          {
            "name": "[debian-lts-announce] 20220903 [SECURITY] [DLA 3093-1] rails security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html"
          },
          {
            "name": "DSA-5372",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2023/dsa-5372"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20240119-0013/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20240119-0013/"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-wh98-p28r-vrc9",
        "discovery": "UNKNOWN"
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2022-23633",
      "cvss_v3": 7.4,
      "date": "2022-02-11",
      "description": "## Impact\n\nUnder certain circumstances response bodies will not be closed, for example a\nbug in a webserver (https://github.com/puma/puma/pull/2812) or a bug in a Rack\nmiddleware. In the event a response is not notified of a `close`,\n`ActionDispatch::Executor` will not know to reset thread local state for the\nnext request. This can lead to data being leaked to subsequent requests,\nespecially when interacting with `ActiveSupport::CurrentAttributes`.\n\nUpgrading to the FIXED versions of Rails will ensure mitigation if this issue\neven in the context of a buggy webserver or middleware implementation.\n\n## Patches\n\nThis has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2.\n\n## Workarounds\n\nUpgrading is highly recommended, but to work around this problem the following\nmiddleware can be used:\n\n```\nclass GuardedExecutor \u003c ActionDispatch::Executor\n  def call(env)\n    ensure_completed!\n    super\n  end\n\n  private\n\n    def ensure_completed!\n      @executor.new.complete! if @executor.active?\n    end\nend\n\n# Ensure the guard is inserted before ActionDispatch::Executor\nRails.application.configure do\n  config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor\nend\n```",
      "framework": "rails",
      "gem": "actionpack",
      "ghsa": "wh98-p28r-vrc9",
      "patched_versions": [
        "~\u003e 5.2.6, \u003e= 5.2.6.2",
        "~\u003e 6.0.4, \u003e= 6.0.4.6",
        "~\u003e 6.1.4, \u003e= 6.1.4.6",
        "\u003e= 7.0.2.2"
      ],
      "related": {
        "url": [
          "https://github.com/rails/rails/commit/10c64a472f2f19a5e485bdac7d5106a76aeb29a5",
          "https://github.com/rails/rails/blob/7-0-stable/actionpack/CHANGELOG.md#rails-7021-february-11-2022"
        ]
      },
      "title": "Possible exposure of information vulnerability in Action Pack",
      "unaffected_versions": [
        "\u003c 5.0.0"
      ],
      "url": "https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=5.0.0.0 \u003c=5.2.6.1||\u003e=6.0.0.0 \u003c=6.0.4.5||\u003e=6.1.0.0 \u003c=6.1.4.5||\u003e=7.0.0.0 \u003c=7.0.2.1",
          "affected_versions": "All versions starting from 5.0.0.0 up to 5.2.6.1, all versions starting from 6.0.0.0 up to 6.0.4.5, all versions starting from 6.1.0.0 up to 6.1.4.5, all versions starting from 7.0.0.0 up to 7.0.2.1",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-937"
          ],
          "date": "2022-02-11",
          "description": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.",
          "fixed_versions": [
            "5.2.6.2",
            "6.0.4.6",
            "6.1.4.6",
            "7.0.2.2"
          ],
          "identifier": "CVE-2022-23633",
          "identifiers": [
            "GHSA-wh98-p28r-vrc9",
            "CVE-2022-23633"
          ],
          "not_impacted": "All versions before 5.0.0.0, all versions after 5.2.6.1 before 6.0.0.0, all versions after 6.0.4.5 before 6.1.0.0, all versions after 6.1.4.5 before 7.0.0.0, all versions after 7.0.2.1",
          "package_slug": "gem/actionpack",
          "pubdate": "2022-02-11",
          "solution": "Upgrade to versions 5.2.6.2, 6.0.4.6, 6.1.4.6, 7.0.2.2 or above.",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor",
          "urls": [
            "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9",
            "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da",
            "https://discuss.rubyonrails.org/t/cve-2022-23633-possible-exposure-of-information-vulnerability-in-action-pack/80016",
            "https://rubyonrails.org/2022/2/11/Rails-7-0-2-2-6-1-4-6-6-0-4-6-and-5-2-6-2-have-been-released",
            "https://github.com/advisories/GHSA-wh98-p28r-vrc9"
          ],
          "uuid": "6617e5a1-928c-4c6a-9444-d0f05ea87a6b"
        },
        {
          "affected_range": "\u003e=5.0.0 \u003c5.2.6.2||\u003e=6.0.0 \u003c6.0.4.6||\u003e=6.1.0 \u003c6.1.4.6||\u003e=7.0.0 \u003c7.0.2.2",
          "affected_versions": "All versions starting from 5.0.0 before 5.2.6.2, all versions starting from 6.0.0 before 6.0.4.6, all versions starting from 6.1.0 before 6.1.4.6, all versions starting from 7.0.0 before 7.0.2.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-212",
            "CWE-937"
          ],
          "date": "2023-07-11",
          "description": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests. This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.",
          "fixed_versions": [
            "5.2.6.2",
            "6.0.4.6",
            "6.1.4.6",
            "7.0.2.2"
          ],
          "identifier": "CVE-2022-23633",
          "identifiers": [
            "CVE-2022-23633",
            "GHSA-wh98-p28r-vrc9"
          ],
          "not_impacted": "All versions before 5.0.0, all versions starting from 5.2.6.2 before 6.0.0, all versions starting from 6.0.4.6 before 6.1.0, all versions starting from 6.1.4.6 before 7.0.0, all versions starting from 7.0.2.2",
          "package_slug": "gem/rails",
          "pubdate": "2022-02-11",
          "solution": "Upgrade to versions 5.2.6.2, 6.0.4.6, 6.1.4.6, 7.0.2.2 or above.",
          "title": "Exposure of information in Action Pack",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-23633",
            "https://github.com/advisories/GHSA-wh98-p28r-vrc9",
            "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da",
            "http://www.openwall.com/lists/oss-security/2022/02/11/5"
          ],
          "uuid": "1eec09ea-1980-46f3-af3e-938ec60d200f"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "799C8F9A-10DD-4840-AAB5-F444DDA46FE2",
                    "versionEndExcluding": "5.2.6.2",
                    "versionStartIncluding": "5.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CB7B860B-0F93-4C93-8C95-29D259A38C43",
                    "versionEndExcluding": "6.0.4.6",
                    "versionStartIncluding": "6.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A8FC3F82-3521-470B-910E-395895BAB248",
                    "versionEndExcluding": "6.1.4.6",
                    "versionStartIncluding": "6.1.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "AC6C96FF-285D-4378-86FF-AFB70FC339A3",
                    "versionEndExcluding": "7.0.2.2",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used."
          },
          {
            "lang": "es",
            "value": "Action Pack es un marco de trabajo para manejar y responder a peticiones web. Bajo determinadas circunstancias los cuerpos de las respuestas no son cerradas. En el caso de que una respuesta *no* sea notificada de un \"close\", \"ActionDispatch::Executor\" no sabr\u00e1 restablecer el estado local del hilo para la siguiente petici\u00f3n. Esto puede conllevar a que sean filtrados datos a las siguientes peticiones. Esto ha sido corregido en Rails versiones 7.0.2.1, 6.1.4.5, 6.0.4.5 y 5.2.6.1. Es recomendado encarecidamente actualizar, pero para mitigar este problema puede usarse el middleware descrito en GHSA-wh98-p28r-vrc9"
          }
        ],
        "id": "CVE-2022-23633",
        "lastModified": "2024-01-19T16:15:08.417",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.2,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.2,
              "impactScore": 5.2,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2022-02-11T21:15:11.990",
        "references": [
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Mitigation",
              "Patch",
              "Third Party Advisory"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/02/11/5"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mitigation",
              "Third Party Advisory"
            ],
            "url": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://security.netapp.com/advisory/ntap-20240119-0013/"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5372"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-212"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-200"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

CNVD-2022-13387

Vulnerability from cnvd - Published: 2022-02-23

Title

Rails Action Pack信息泄露漏洞（CNVD-2022-13387）

Description

Rails Action Pack是美国Rails社区的一个web框架。提供了路由机制（将请求URL映射到动作），定义实现动作的控制器以及通过渲染视图（各种格式的模板）生成响应的机制。 Rails Action Pack存在信息泄露漏洞，攻击者可利用该漏洞导致数据泄露给后续请求。

Severity

中

Patch Name

Rails Action Pack信息泄露漏洞（CNVD-2022-13387）的补丁

Patch Description

Rails Action Pack是美国Rails社区的一个web框架。提供了路由机制（将请求URL映射到动作），定义实现动作的控制器以及通过渲染视图（各种格式的模板）生成响应的机制。 Rails Action Pack存在信息泄露漏洞，攻击者可利用该漏洞导致数据泄露给后续请求。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9

Reference

https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da

Impacted products

Name
['Rails Action Pack <7.0.2.1', 'Rails Action Pack <6.1.4.5', 'Rails Action Pack <6.0.4.5', 'Rails Action Pack <5.2.6.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-23633"
    }
  },
  "description": "Rails Action Pack\u662f\u7f8e\u56fdRails\u793e\u533a\u7684\u4e00\u4e2aweb\u6846\u67b6\u3002\u63d0\u4f9b\u4e86\u8def\u7531\u673a\u5236\uff08\u5c06\u8bf7\u6c42URL\u6620\u5c04\u5230\u52a8\u4f5c\uff09\uff0c\u5b9a\u4e49\u5b9e\u73b0\u52a8\u4f5c\u7684\u63a7\u5236\u5668\u4ee5\u53ca\u901a\u8fc7\u6e32\u67d3\u89c6\u56fe\uff08\u5404\u79cd\u683c\u5f0f\u7684\u6a21\u677f\uff09\u751f\u6210\u54cd\u5e94\u7684\u673a\u5236\u3002\n\nRails Action Pack\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u6570\u636e\u6cc4\u9732\u7ed9\u540e\u7eed\u8bf7\u6c42\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-13387",
  "openTime": "2022-02-23",
  "patchDescription": "Rails Action Pack\u662f\u7f8e\u56fdRails\u793e\u533a\u7684\u4e00\u4e2aweb\u6846\u67b6\u3002\u63d0\u4f9b\u4e86\u8def\u7531\u673a\u5236\uff08\u5c06\u8bf7\u6c42URL\u6620\u5c04\u5230\u52a8\u4f5c\uff09\uff0c\u5b9a\u4e49\u5b9e\u73b0\u52a8\u4f5c\u7684\u63a7\u5236\u5668\u4ee5\u53ca\u901a\u8fc7\u6e32\u67d3\u89c6\u56fe\uff08\u5404\u79cd\u683c\u5f0f\u7684\u6a21\u677f\uff09\u751f\u6210\u54cd\u5e94\u7684\u673a\u5236\u3002\r\n\r\nRails Action Pack\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u6570\u636e\u6cc4\u9732\u7ed9\u540e\u7eed\u8bf7\u6c42\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Rails Action Pack\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2022-13387\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Rails Action Pack \u003c7.0.2.1",
      "Rails Action Pack \u003c6.1.4.5",
      "Rails Action Pack \u003c6.0.4.5",
      "Rails Action Pack \u003c5.2.6.1"
    ]
  },
  "referenceLink": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da",
  "serverity": "\u4e2d",
  "submitTime": "2022-02-15",
  "title": "Rails Action Pack\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2022-13387\uff09"
}

GHSA-WH98-P28R-VRC9

Vulnerability from github – Published: 2022-02-11 20:49 – Updated: 2022-02-24 13:15

Summary

Exposure of information in Action Pack

Details

Impact

Under certain circumstances response bodies will not be closed, for example a bug in a webserver or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests, especially when interacting with ActiveSupport::CurrentAttributes.

Upgrading to the FIXED versions of Rails will ensure mitigation of this issue even in the context of a buggy webserver or middleware implementation.

Patches

This has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2.

Workarounds

Upgrading is highly recommended, but to work around this problem the following middleware can be used:

class GuardedExecutor < ActionDispatch::Executor
  def call(env)
    ensure_completed!
    super
  end

  private

    def ensure_completed!
      @executor.new.complete! if @executor.active?
    end
end

# Ensure the guard is inserted before ActionDispatch::Executor
Rails.application.configure do
  config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor
end

Severity ?

7.4 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.2.6.1"
      },
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0.0"
            },
            {
              "fixed": "5.2.6.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.0.4.5"
      },
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0.0"
            },
            {
              "fixed": "6.0.4.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.1.4.5"
      },
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.1.0.0"
            },
            {
              "fixed": "6.1.4.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.0.2.1"
      },
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0.0"
            },
            {
              "fixed": "7.0.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23633"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-212"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-02-11T20:49:14Z",
    "nvd_published_at": "2022-02-11T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nUnder certain circumstances response bodies will not be closed, for example a [bug in a webserver](https://github.com/puma/puma/pull/2812) or a bug in a Rack middleware.  In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request.  This can lead to data being leaked to subsequent requests, especially when interacting with `ActiveSupport::CurrentAttributes`.\n\nUpgrading to the FIXED versions of Rails will ensure mitigation of this issue even in the context of a buggy webserver or middleware implementation.\n\n### Patches\n\nThis has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2.\n\n### Workarounds\n\nUpgrading is highly recommended, but to work around this problem the following middleware can be used:\n\n```ruby\nclass GuardedExecutor \u003c ActionDispatch::Executor\n  def call(env)\n    ensure_completed!\n    super\n  end\n\n  private\n\n    def ensure_completed!\n      @executor.new.complete! if @executor.active?\n    end\nend\n\n# Ensure the guard is inserted before ActionDispatch::Executor\nRails.application.configure do\n  config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor\nend\n```",
  "id": "GHSA-wh98-p28r-vrc9",
  "modified": "2022-02-24T13:15:43Z",
  "published": "2022-02-11T20:49:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23633"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da"
    },
    {
      "type": "WEB",
      "url": "https://discuss.rubyonrails.org/t/cve-2022-23633-possible-exposure-of-information-vulnerability-in-action-pack/80016"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rails/rails"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2022-23633.yml"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "https://rubyonrails.org/2022/2/11/Rails-7-0-2-2-6-1-4-6-6-0-4-6-and-5-2-6-2-have-been-released"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240119-0013"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5372"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/02/11/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Exposure of information in Action Pack"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-23633 (GCVE-0-2022-23633)

FKIE_CVE-2022-23633

CERTFR-2022-AVI-143

Solution

GSD-2022-23633

CNVD-2022-13387

GHSA-WH98-P28R-VRC9

Impact

Patches

Workarounds

Tags

Sightings

Nomenclature