CVE-2021-31810 — Resource Exposure in Ruby

CWE-668 — Resource Exposure CWE-200 — Sensitive Information Exposure9 documents8 sources

Severity

5.8MEDIUMNVD

OSV7.0

EPSS

0.6%

top 29.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jruby Oracle JD Edwards Enterpriseone Tools Ruby-lang Ruby +1 more

Timeline

PublishedJul 13

Latest updateMay 24

Description

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶Debianjruby/jruby< 9.3.9.0+ds-1+2

▶NVDruby-lang/ruby2.7.0 — 2.7.3+2

▶NVDoracle/jd_edwards_enterpriseone_tools< 9.2.6.1

Also affects: Debian Linux 9.0

Patches

Patch: hackerone.com ↗Patch: www.oracle.com ↗Patch: hackerone.com ↗

🔴Vulnerability Details

GHSA

GHSA-wr95-679j-87v9: An issue was discovered in Ruby through 2↗2022-05-24

▶

OSV

ruby2.3, ruby2.5, ruby2.7 vulnerabilities↗2021-07-21

▶

OSV

CVE-2021-31810: An issue was discovered in Ruby through 2↗2021-07-13

▶

CVEList

CVE-2021-31810: An issue was discovered in Ruby through 2↗2021-07-13

▶

📋Vendor Advisories

Ubuntu

Ruby vulnerabilities↗2021-07-21

▶

Red Hat

ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host↗2021-07-07

▶

Debian

CVE-2021-31810: jruby - An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x thro...↗2021

▶

💬Community

Bugzilla

CVE-2021-31810 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host↗2021-07-07

▶