{"containers":{"cna":{"affected":[{"product":"https://github.com/rails/rails","vendor":"n/a","versions":[{"status":"affected","version":"Fixed in 6.1.3.2"}]}],"descriptions":[{"lang":"en","value":"The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain \"allowed host\" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping. This causes, for example, `config.hosts << \"sub.example.com\"` to permit a request with a Host header value of `sub-example.com`."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-601","description":"Open Redirect (CWE-601)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-06-11T15:49:38.000Z","orgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","shortName":"hackerone"},"references":[{"tags":["x_refsource_MISC"],"url":"https://hackerone.com/reports/1148025"},{"tags":["x_refsource_MISC"],"url":"https://discuss.rubyonrails.org/t/cve-2021-22903-possible-open-redirect-vulnerability-in-action-pack/77867"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"support@hackerone.com","ID":"CVE-2021-22903","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"https://github.com/rails/rails","version":{"version_data":[{"version_value":"Fixed in 6.1.3.2"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain \"allowed host\" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping. This causes, for example, `config.hosts << \"sub.example.com\"` to permit a request with a Host header value of `sub-example.com`."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Open Redirect (CWE-601)"}]}]},"references":{"reference_data":[{"name":"https://hackerone.com/reports/1148025","refsource":"MISC","url":"https://hackerone.com/reports/1148025"},{"name":"https://discuss.rubyonrails.org/t/cve-2021-22903-possible-open-redirect-vulnerability-in-action-pack/77867","refsource":"MISC","url":"https://discuss.rubyonrails.org/t/cve-2021-22903-possible-open-redirect-vulnerability-in-action-pack/77867"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T18:58:25.786Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://hackerone.com/reports/1148025"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://discuss.rubyonrails.org/t/cve-2021-22903-possible-open-redirect-vulnerability-in-action-pack/77867"}]}]},"cveMetadata":{"assignerOrgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","assignerShortName":"hackerone","cveId":"CVE-2021-22903","datePublished":"2021-06-11T15:49:38.000Z","dateReserved":"2021-01-06T00:00:00.000Z","dateUpdated":"2024-08-03T18:58:25.786Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}