Skip to content

Commit

Permalink
Added patched_versions to CVE 2024-21510
Browse files Browse the repository at this point in the history
  • Loading branch information
@ThomasKoppensteiner
ThomasKoppensteiner committed Nov 19, 2024
1 parent 152f634 commit 9fd379b
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions gems/sinatra/CVE-2024-21510.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ cve: 2024-21510
ghsa: hxx2-7vcw-mqr3
url: https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
title: Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
date: 2024-11-01
date: 2024-11-19
description: |
Versions of the package sinatra from 0.0.0 are vulnerable to
Reliance on Untrusted Inputs in a Security Decision via the
Expand All @@ -17,7 +17,8 @@ description: |
handling the X-Forwarded-Host header, attackers can potentially
exploit Cache Poisoning or Routing-based SSRF.
cvss_v3: 5.4
notes: Never patched
patched_versions:
- ">= 4.1.0"
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2024-21510
Expand Down

0 comments on commit 9fd379b

Please sign in to comment.