CVE-2022-45442 – sinatra

Package

Manager: gem
Name: sinatra
Vulnerable Version: >=3.0 <3.0.4 || >=2.0.0 <2.2.3

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00142 pctl0.34949

Details

Sinatra vulnerable to Reflected File Download attack ### Description An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. ### References * https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf * https://github.com/advisories/GHSA-8x94-hmjh-97hq

Metadata

Created: 2022-11-30T21:18:34Z
Modified: 2022-12-12T20:48:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-2x8x-jmrp-phxw/GHSA-2x8x-jmrp-phxw.json
CWE IDs: ["CWE-494"]
Alternative ID: GHSA-2x8x-jmrp-phxw
Finding: F086
Auto approve: 1