CVE-2024-21510

{"id": "CVE-2024-21510", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-11-01T05:15:05.640", "references": [{"url": "https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb%23L319", "source": "report@snyk.io"}, {"url": "https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb%23L323C1-L343C17", "source": "report@snyk.io"}, {"url": "https://github.com/sinatra/sinatra/pull/2010", "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-RUBY-SINATRA-6483832", "source": "report@snyk.io"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-807"}]}], "descriptions": [{"lang": "en", "value": "Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into this header. If used for caching purposes, such as with servers like Nginx, or as a reverse proxy, without handling the X-Forwarded-Host header, attackers can potentially exploit Cache Poisoning or Routing-based SSRF."}, {"lang": "es", "value": "Las versiones del paquete sinatra a partir de la versi\u00f3n 0.0.0 son vulnerables a la dependencia de entradas no confiables en una decisi\u00f3n de seguridad a trav\u00e9s del encabezado X-Forwarded-Host (XFH). Al realizar una solicitud a un m\u00e9todo con redirecci\u00f3n aplicada, es posible desencadenar un ataque de redirecci\u00f3n abierta insertando una direcci\u00f3n arbitraria en este encabezado. Si se utiliza con fines de almacenamiento en cach\u00e9, como con servidores como Nginx, o como un proxy inverso, sin manejar el encabezado X-Forwarded-Host, los atacantes pueden explotar potencialmente el envenenamiento de cach\u00e9 o SSRF basada en enrutamiento."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "report@snyk.io"}