VDB
CVE-2021-22903
CVE-2021-22903
PUBLISHED
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping. This causes, for example, `config.hosts << "sub.example.com"` to permit a request with a Host header value of `sub-example.com`.
EPSS 0.10% · 26.5th percentile
Risk Scores
EPSS Score
0.10%
26.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:18.04:LTS | rails | 2:4.2.10-0ubuntu4+esm1, 0, 2:4.2.9-2 |
| AWS | config | |
| Ubuntu:Pro:20.04:LTS | rails | 0, 2:5.2.3+dfsg-3ubuntu0.1~esm1, 2:5.2.3+dfsg-3 |
| Ubuntu:25.10 | rails | *, 2:6.1.7.3+dfsg-7, 0 |
| Ubuntu:24.04:LTS | rails | 0, 2:6.1.7.3+dfsg-2build1, 2:6.1.7.3+dfsg-3 |
| Ubuntu:Pro:16.04:LTS | rails | *, 2:4.2.6-1ubuntu0.1~esm2, 2:4.2.6-1ubuntu0.1~esm1 |
| Ubuntu:Pro:22.04:LTS | rails | 2:6.0.3.7+dfsg-2, 0, * |
Timeline
- May 5, 2021 CVE Published
- Jun 12, 2021 EPSS Score
- Aug 13, 2021 EPSS Score
- Oct 12, 2021 EPSS Score
- Dec 12, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 12, 2022 EPSS Score
- Jun 12, 2022 EPSS Score
- Aug 13, 2022 EPSS Score
- Oct 12, 2022 EPSS Score
- Dec 12, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-22903 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-22903 third-party-advisory