{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-26142"
      ],
      "details": "Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected.",
      "id": "GSD-2024-26142",
      "modified": "2024-02-15T06:02:25.094983Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2024-26142",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "rails",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 7.1.0, \u003c 7.1.3.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "rails"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-1333",
                "lang": "eng",
                "value": "CWE-1333: Inefficient Regular Expression Complexity"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq",
            "refsource": "MISC",
            "url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
          },
          {
            "name": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272",
            "refsource": "MISC",
            "url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
          },
          {
            "name": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946",
            "refsource": "MISC",
            "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
          },
          {
            "name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml",
            "refsource": "MISC",
            "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-jjhx-jhvp-74wq",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected."
          },
          {
            "lang": "es",
            "value": "Rails es un framework de aplicaci\u00f3n web. A partir de la versi\u00f3n 7.1.0, existe una posible vulnerabilidad ReDoS en las rutinas de an\u00e1lisis del encabezado Aceptar de Action Dispatch. Esta vulnerabilidad est\u00e1 parcheada en 7.1.3.1. Ruby 3.2 tiene mitigaciones para este problema, por lo que las aplicaciones Rails que usan Ruby 3.2 o posterior no se ven afectadas."
          }
        ],
        "id": "CVE-2024-26142",
        "lastModified": "2024-02-28T14:07:00.563",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-02-27T16:15:46.600",
        "references": [
          {
            "source": "security-advisories@github.com",
            "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-1333"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37CC5DE-B363-478B-B8F2-393412E05802",
              "versionEndExcluding": "7.1.3.1",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F841AE5D-60DD-4E3A-854A-9B7B906BF7E7",
              "versionEndExcluding": "3.2.0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected."
    },
    {
      "lang": "es",
      "value": "Rails es un framework de aplicaci\u00f3n web. A partir de la versi\u00f3n 7.1.0, existe una posible vulnerabilidad ReDoS en las rutinas de an\u00e1lisis del encabezado Aceptar de Action Dispatch. Esta vulnerabilidad est\u00e1 parcheada en 7.1.3.1. Ruby 3.2 tiene mitigaciones para este problema, por lo que las aplicaciones Rails que usan Ruby 3.2 o posterior no se ven afectadas."
    }
  ],
  "id": "CVE-2024-26142",
  "lastModified": "2025-02-14T16:22:23.763",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-27T16:15:46.600",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240503-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240503-0003/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1333"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1333"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.1.0"
            },
            {
              "fixed": "7.1.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-26142"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-27T21:41:09Z",
    "nvd_published_at": "2024-02-27T16:15:46Z",
    "severity": "LOW"
  },
  "details": "# Possible ReDoS vulnerability in Accept header parsing in Action Dispatch\n\nThere is a possible ReDoS vulnerability in the Accept header parsing routines\nof Action Dispatch. This vulnerability has been assigned the CVE identifier\nCVE-2024-26142.\n\nVersions Affected:  \u003e= 7.1.0, \u003c 7.1.3.1\nNot affected:       \u003c 7.1.0\nFixed Versions:     7.1.3.1\n\nImpact\n------\nCarefully crafted Accept headers can cause Accept header parsing in Action\nDispatch to take an unexpected amount of time, possibly resulting in a DoS\nvulnerability.  All users running an affected release should either upgrade or\nuse one of the workarounds immediately.\n\nRuby 3.2 has mitigations for this problem, so Rails applications using Ruby\n3.2 or newer are unaffected.\n\nReleases\n--------\nThe fixed releases are available at the normal locations.\n\nWorkarounds\n-----------\nThere are no feasible workarounds for this issue.\n\nPatches\n-------\nTo aid users who aren\u0027t able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* 7-1-accept-redox.patch - Patch for 7.1 series\n\nCredits\n-------\nThanks [svalkanov](https://hackerone.com/svalkanov) for the report and patch!",
  "id": "GHSA-jjhx-jhvp-74wq",
  "modified": "2024-03-01T23:30:38Z",
  "published": "2024-02-27T21:41:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26142"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272"
    },
    {
      "type": "WEB",
      "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rails/rails"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch"
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ruby on Rails versions 7.1.x ant\u00e9rieures \u00e0 7.1.3.1",
      "product": {
        "name": "Ruby on Rails",
        "vendor": {
          "name": "Ruby on Rails",
          "scada": false
        }
      }
    },
    {
      "description": "Rack versions 3.0.x ant\u00e9rieures \u00e0 3.0.9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ruby on Rails",
          "scada": false
        }
      }
    },
    {
      "description": "Ruby on Rails versions ant\u00e9rieures \u00e0 6.1.7.7",
      "product": {
        "name": "Ruby on Rails",
        "vendor": {
          "name": "Ruby on Rails",
          "scada": false
        }
      }
    },
    {
      "description": "Ruby on Rails versions 7.0.x ant\u00e9rieures \u00e0 7.0.8.1",
      "product": {
        "name": "Ruby on Rails",
        "vendor": {
          "name": "Ruby on Rails",
          "scada": false
        }
      }
    },
    {
      "description": "Rack versions ant\u00e9rieures \u00e0 2.2.8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ruby on Rails",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-25126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
    },
    {
      "name": "CVE-2024-26143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26143"
    },
    {
      "name": "CVE-2024-26146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
    },
    {
      "name": "CVE-2024-26141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
    },
    {
      "name": "CVE-2024-26142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26142"
    },
    {
      "name": "CVE-2024-26144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26144"
    }
  ],
  "initial_release_date": "2024-02-23T00:00:00",
  "last_revision_date": "2024-02-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0160",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-02-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ruby on Rails.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection\nde code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Ruby on Rails",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84946 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84941 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84944 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84942 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84945 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ruby on Rails 84947 du 21 f\u00e9vrier 2024",
      "url": "https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947"
    }
  ]
}