2 files changed +114 -0 lines changed
1
+ ---
2
+ layout : advisory
3
+ title : ' CVE-2024-32978 (kaminari): Insecure File Permissions vulnerability in kaminari'
4
+ comments : false
5
+ categories :
6
+ - kaminari
7
+ advisory :
8
+ gem : kaminari
9
+ cve : 2024-32978
10
+ ghsa : 7r3j-qmr4-jfpj
11
+ url : https://nvd.nist.gov/vuln/detail/CVE-2024-32978
12
+ title : Insecure File Permissions vulnerability in kaminari
13
+ date : 2024-05-27
14
+ description : |
15
+ kaminari versions prior to 0.16.2 are vulnerable to an Insecure File
16
+ Permissions vulnerability, where certain files within the kaminari gem have
17
+ insecure file permissions.
18
+
19
+ Versions Affected: < 0.16.2
20
+ Fixed Versions: >= 0.16.2
21
+
22
+ # Impact
23
+
24
+ An attacker with local access could write arbitrary code to the affected files
25
+ resulting in arbitrary code execution.
26
+
27
+ # Releases
28
+
29
+ The fixed releases are available at the normal locations.
30
+
31
+ # Workarounds
32
+
33
+ Manually set the permissions of the affected files to `644`.
34
+
35
+ ## All Affected Versions:
36
+
37
+ ```
38
+ lib/kaminari/models/page_scope_methods.rb
39
+ ```
40
+
41
+ ## Version 0.15.0 and 0.15.1:
42
+
43
+ ```
44
+ spec/models/mongo_mapper/mongo_mapper_spec.rb
45
+ ```
46
+
47
+ ## Version 0.16.0:
48
+
49
+ ```
50
+ spec/models/mongo_mapper/mongo_mapper_spec.rb
51
+ spec/models/mongoid/mongoid_spec.rb
52
+ ```
53
+
54
+ ## Version 0.16.1:
55
+
56
+ ```
57
+ spec/models/active_record/scopes_spec.rb
58
+ spec/models/mongo_mapper/mongo_mapper_spec.rb
59
+ spec/models/mongoid/mongoid_spec.rb
60
+ gemfiles/data_mapper_12.gemfile
61
+ gemfiles/active_record_32.gemfile
62
+ ```
63
+ cvss_v3 : 6.6
64
+ patched_versions :
65
+ - " >= 0.16.2"
66
+ related :
67
+ url :
68
+ - https://github.com/kaminari/kaminari/security/advisories/GHSA-7r3j-qmr4-jfpj
69
+ ---
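Review bot: The description and the `# Workarounds` text never say what the insecure mode actually is, so a reader cannot check a file on disk against the advisory or confirm that the workaround applied. State the mode the listed files were shipped with next to "Manually set the permissions of the affected files to `644`". The headings "## All Affected Versions:" and "## Version 0.16.1:" are followed by file paths rather than versions; a label such as "Affected files in all versions" would make clear that these lists are the files to fix.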
1
+ ---
2
+ layout : advisory
3
+ title : ' CVE-2024-35231 (rack-contrib): Denial of Service in rack-contrib via "profiler_runs"
4
+ parameter'
5
+ comments : false
6
+ categories :
7
+ - rack-contrib
8
+ advisory :
9
+ gem : rack-contrib
10
+ cve : 2024-35231
11
+ ghsa : 8c8q-2xw3-j869
12
+ url : https://nvd.nist.gov/vuln/detail/CVE-2024-35231
13
+ title : Denial of Service in rack-contrib via "profiler_runs" parameter
14
+ date : 2024-05-27
15
+ description : |
16
+ rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service
17
+ via the `profiler_runs` HTTP request parameter.
18
+
19
+ Versions Affected: < 2.5.0
20
+ Fixed Versions: >= 2.5.0
21
+
22
+ # Impact
23
+
24
+ An attacker can trigger a Denial of Service by sending an HTTP request with
25
+ an overly large `profiler_runs` parameter.
26
+
27
+ ```shell
28
+ curl "http://127.0.0.1:9292/?profiler_runs=9999999999&profile=process_time"
29
+ ```
30
+
31
+ # Releases
32
+
33
+ The fixed releases are available at the normal locations.
34
+
35
+ # Workarounds
36
+
37
+ There are no feasible workarounds for this issue.
38
+ cvss_v3 : 8.6
39
+ patched_versions :
40
+ - " >= 2.5.0"
41
+ related :
42
+ url :
43
+ - https://github.com/rack/rack-contrib/commit/0eec2a9836329051c6742549e65a94a4c24fe6f7
44
+ - https://github.com/advisories/GHSA-8c8q-2xw3-j869
45
+ ---
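Review bot: The description and `# Impact` name the `profiler_runs` parameter but not the component that reads it, so users of rack-contrib cannot tell from this text whether their application is exposed. The curl line also passes `profile=process_time`, which suggests the request only matters when profiling is active; name the affected middleware and state that precondition explicitly. If leaving that component out of untrusted-facing deployments avoids the issue, "There are no feasible workarounds for this issue." should be reworded to say so.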