CVE-2021-21288 — Server-Side Request Forgery in Carrierwave

CWE-918 — Server-Side Request Forgery6 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 57.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Carrierwaveuploader Carrierwave Carrierwave Project Carrierwave

Timeline

PublishedFeb 8

Description

CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF vulnerability, allowing attacks to provide DNS entries or IP addresses that are intended for internal use and gather information about the Intranet infrastructure of the platform. This is fixed in versions 1.3.2 and 2.1.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5carrierwaveuploader/carrierwave< 1.3.2+1

▶NVDcarrierwave_project/carrierwave2.0.1 — 2.1.1+1

▶RubyGemscarrierwave_project/carrierwave2.0.0 — 2.1.1+1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Server-side request forgery in CarrierWave↗2021-02-08

▶

GHSA

Server-side request forgery in CarrierWave↗2021-02-08

▶

OSV

CVE-2021-21288: CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications↗2021-02-08

▶

OSV

Server-side request forgery in CarrierWave↗2021-02-08

▶

📋Vendor Advisories

Debian

CVE-2021-21288: ruby-carrierwave - CarrierWave is an open-source RubyGem which provides a simple and flexible way t...↗2021

▶