CVE-2024-26144
published 2024-02-27CVE-2024-26144: Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | rails | < rails 2:6.1.7.10+dfsg-1~deb12u1 (bookworm) | rails 2:6.1.7.10+dfsg-1~deb12u1 (bookworm) |
| rails | activestorage | >= 5.2.0 < 6.1.7.7 | 6.1.7.7 |
| rails | activestorage | >= 7.0.0 < 7.0.8.1 | 7.0.8.1 |
| rails | rails | — | — |
| rails | rails | — | — |
| rubyonrails | rails | >= 0 < 2:6.1.7.10+dfsg-1~deb12u1 | 2:6.1.7.10+dfsg-1~deb12u1 |
| rubyonrails | rails | >= 0 < 2:7.2.2.1+dfsg-1 | 2:7.2.2.1+dfsg-1 |
| rubyonrails | rails | >= 0 < 2:7.2.2.1+dfsg-1 | 2:7.2.2.1+dfsg-1 |
| rubyonrails | rails | >= 5.2.0 < 6.1.7.7 | 6.1.7.7 |
| rubyonrails | rails | >= 7.0.0 < 7.1.0 | 7.1.0 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ghsa5.3MEDIUM
osv5.3MEDIUM