CVE-2021-22881 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-22881 PUBLISHED

The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. When an allowed host contains a leading dot, a specially crafted `Host` header can be used to redirect to a malicious website.

EPSS 15.45% · 94.6th percentile

Risk Scores

EPSS Score

15.45%

94.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:16.04:LTS	rails	0, 2:4.1.10-1, 2:4.2.5-1
Ubuntu:Pro:22.04:LTS	rails	2:6.0.3.7+dfsg-2, *, 2:6.1.4.1+dfsg-8ubuntu2+esm1
Ubuntu:25.10	rails	2:7.2.2.1+dfsg-7, 0, 2:6.1.7.3+dfsg-7
Ubuntu:24.04:LTS	rails	2:6.1.7.3+dfsg-3, 0, 2:6.1.7.3+dfsg-2build1
Ubuntu:Pro:18.04:LTS	rails	2:4.2.10-0ubuntu4+esm2, 2:4.2.10-0ubuntu4+esm1, 2:4.2.10-0ubuntu4
Ubuntu:Pro:20.04:LTS	rails	0, 2:5.2.3+dfsg-3, 2:5.2.3+dfsg-3ubuntu0.1~esm1

Timeline

CVE Published
Feb 11, 2021 PoC Published
Feb 11, 2021 PoC Published
Apr 14, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Mar 17, 2025 EPSS Score
Mar 24, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
May 1, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2021-22881 third-party-advisory
https://discuss.rubyonrails.org/t/cve-2021-22881-possible-open-redirect-in-host-authorization-middleware/77130 third-party-advisory
https://hackerone.com/reports/1047447 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2021-22881 third-party-advisory

Open in Interactive Console →