
Commit 5f9d7cd
postmodern authored and RubySec CI committed on May 30, 2024
Updated advisory posts against rubysec/ruby-advisory-db@0d91567
1 parent 9d4a484 commit 5f9d7cd

File tree

2 files changed

+114
-0
lines changed

Lines changed: 69 additions & 0 deletions
@@ -0,0 +1,69 @@
1+
---
2+
layout: advisory
3+
title: 'CVE-2024-32978 (kaminari): Insecure File Permissions vulnerability in kaminari'
4+
comments: false
5+
categories:
6+
- kaminari
7+
advisory:
8+
gem: kaminari
9+
cve: 2024-32978
10+
ghsa: 7r3j-qmr4-jfpj
11+
url: https://nvd.nist.gov/vuln/detail/CVE-2024-32978
12+
title: Insecure File Permissions vulnerability in kaminari
13+
date: 2024-05-27
14+
description: |
15+
kaminari versions prior to 0.16.2 are vulnerable to an Insecure File
16+
Permissions vulnerability, where certain files within the kaminari gem have
17+
insecure file permissions.
18+
19+
Versions Affected: < 0.16.2
20+
Fixed Versions: >= 0.16.2
21+
22+
# Impact
23+
24+
An attacker with local access could write arbitrary code to the affected files
25+
resulting in arbitrary code execution.
26+
27+
# Releases
28+
29+
The fixed releases are available at the normal locations.
30+
31+
# Workarounds
32+
33+
Manually set the permissions of the affected files to `644`.
34+
35+
## All Affected Versions:
36+
37+
```
38+
lib/kaminari/models/page_scope_methods.rb
39+
```
40+
41+
## Version 0.15.0 and 0.15.1:
42+
43+
```
44+
spec/models/mongo_mapper/mongo_mapper_spec.rb
45+
```
46+
47+
## Version 0.16.0:
48+
49+
```
50+
spec/models/mongo_mapper/mongo_mapper_spec.rb
51+
spec/models/mongoid/mongoid_spec.rb
52+
```
53+
54+
## Version 0.16.1:
55+
56+
```
57+
spec/models/active_record/scopes_spec.rb
58+
spec/models/mongo_mapper/mongo_mapper_spec.rb
59+
spec/models/mongoid/mongoid_spec.rb
60+
gemfiles/data_mapper_12.gemfile
61+
gemfiles/active_record_32.gemfile
62+
```
63+
cvss_v3: 6.6
64+
patched_versions:
65+
- ">= 0.16.2"
66+
related:
67+
url:
68+
- https://github.com/kaminari/kaminari/security/advisories/GHSA-7r3j-qmr4-jfpj
69+
---
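Review bot: the Workarounds section ("Manually set the permissions of the affected files to `644`") should state what mode the shipped files actually carry and how to locate them, so an operator can verify the fix instead of guessing; the Impact section implies the files are writable by other local users, and the listed paths are relative to the gem root, so pointing readers at `gem contents kaminari` to find the installed copies would make the workaround actionable. It would also help to say whether the `spec/` and `gemfiles/` entries are loaded by an application at all, since only `lib/kaminari/models/page_scope_methods.rb` sits under `lib/` and the code-execution impact reads as if it applies to every listed file equally.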
Lines changed: 45 additions & 0 deletions
@@ -0,0 +1,45 @@
1+
---
2+
layout: advisory
3+
title: 'CVE-2024-35231 (rack-contrib): Denial of Service in rack-contrib via "profiler_runs"
4+
parameter'
5+
comments: false
6+
categories:
7+
- rack-contrib
8+
advisory:
9+
gem: rack-contrib
10+
cve: 2024-35231
11+
ghsa: 8c8q-2xw3-j869
12+
url: https://nvd.nist.gov/vuln/detail/CVE-2024-35231
13+
title: Denial of Service in rack-contrib via "profiler_runs" parameter
14+
date: 2024-05-27
15+
description: |
16+
rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service
17+
via the `profiler_runs` HTTP request parameter.
18+
19+
Versions Affected: < 2.5.0
20+
Fixed Versions: >= 2.5.0
21+
22+
# Impact
23+
24+
An attacker can trigger a Denial of Service by sending an HTTP request with
25+
an overly large `profiler_runs` parameter.
26+
27+
```shell
28+
curl "http://127.0.0.1:9292/?profiler_runs=9999999999&profile=process_time"
29+
```
30+
31+
# Releases
32+
33+
The fixed releases are available at the normal locations.
34+
35+
# Workarounds
36+
37+
There are no feasible workarounds for this issue.
38+
cvss_v3: 8.6
39+
patched_versions:
40+
- ">= 2.5.0"
41+
related:
42+
url:
43+
- https://github.com/rack/rack-contrib/commit/0eec2a9836329051c6742549e65a94a4c24fe6f7
44+
- https://github.com/advisories/GHSA-8c8q-2xw3-j869
45+
---
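Review bot: the Workarounds section ("There are no feasible workarounds for this issue.") sits oddly next to an Impact that is reachable only through the `profiler_runs` parameter and a `profile=process_time` request; the advisory should name which component of rack-contrib parses `profiler_runs` and state whether applications that do not use it are affected, so operators can triage rather than treat every rack-contrib user as exposed. While here, the `description` could say what the fix does with an oversized `profiler_runs` value (cap or reject), since the only pointer to it is the bare commit link under `related.url`.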
