CVE-2022-21831 activestorage

Package

Manager: gem
Name: activestorage
Vulnerable Version: >=5.2.0 <5.2.6.3 || >=6.0.0 <6.0.4.7 || >=6.1.0 <6.1.4.7 || >=7.0.0 <7.0.2.3

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.01141 (percentile 0.77617)

Details

Possible code injection vulnerability in Rails / Active Storage

The Active Storage module of Rails starting with version 5.2.0 is possibly vulnerable to code injection. This issue was patched in versions 5.2.6.3, 6.0.4.7, 6.1.4.7, and 7.0.2.3. To work around this issue, applications should implement a strict allow-list on accepted transformation methods or arguments. Additionally, a strict ImageMagick security policy will help mitigate this issue.
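The allow-list workaround described above, as an added standalone Ruby example that is neither the advisory's nor Rails' own code: the module, constant and method names (`SafeTransformations`, `ALLOWED_METHODS`, `validate!`, `allowed?`) are hypothetical, and the sample inputs are constructed. In a patched Rails app the equivalent controls are the `config.active_storage.supported_image_processing_methods` and `config.active_storage.unsupported_image_processing_arguments` settings; this version carries no Rails dependency so it runs on its own.

```ruby
# Added example (not Rails' own code): a strict allow-list for Active Storage
# style image transformations, applied before any variant is processed.
module SafeTransformations
  class DisallowedTransformation < StandardError; end

  # Only the geometry-style operations an application actually needs.
  # Anything not listed (including load/write style operations) is rejected.
  ALLOWED_METHODS = %w[resize_to_limit resize_to_fill resize_to_fit rotate strip].freeze

  # Arguments that look like command-line options are refused outright: an
  # option-like string is how user-controlled input turns into a different
  # operation than the one the method name promises.
  UNSAFE_ARGUMENT = /\A-/

  module_function

  # Returns the transformations hash unchanged when every method is on the
  # allow-list and no argument is option-like; raises otherwise.
  def validate!(transformations)
    transformations.each do |method, argument|
      name = method.to_s
      unless ALLOWED_METHODS.include?(name)
        raise DisallowedTransformation, "method not allowed: #{name}"
      end
      Array(argument).flatten.each do |arg|
        if arg.is_a?(String) && arg.match?(UNSAFE_ARGUMENT)
          raise DisallowedTransformation, "option-like argument #{arg.inspect} not allowed for #{name}"
        end
      end
    end
    transformations
  end

  # Boolean form for callers that only need to decide whether to proceed.
  def allowed?(transformations)
    validate!(transformations)
    true
  rescue DisallowedTransformation
    false
  end
end

# Constructed sample inputs (not taken from the advisory):
if __FILE__ == $PROGRAM_NAME
  puts SafeTransformations.allowed?(resize_to_limit: [100, 100])       # true
  puts SafeTransformations.allowed?(crop: "10x10+0+0")                 # false: method not allow-listed
  puts SafeTransformations.allowed?(resize_to_limit: ["-option", "x"]) # false: option-like argument
end
```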

Metadata

Created: 2022-03-08T21:25:54Z
Modified: 2022-06-21T15:59:23Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-w749-p3v6-hccq/GHSA-w749-p3v6-hccq.json
CWE IDs: CWE-94
Alternative ID: GHSA-w749-p3v6-hccq
Finding: F422
Auto approve: 1