Skip to content

Commit 9fd379b

Browse files
ThomasKoppensteinerThomasKoppensteiner
committed
Added patched_versions to CVE 2024-21510
1 parent 152f634 commit 9fd379b

File tree

1 file changed

+3
-2
lines changed

1 file changed

+3
-2
lines changed

gems/sinatra/CVE-2024-21510.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ cve: 2024-21510
44
ghsa: hxx2-7vcw-mqr3
55
url: https://github.com/advisories/GHSA-hxx2-7vcw-mqr3
66
title: Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
7-
date: 2024-11-01
7+
date: 2024-11-19
88
description: |
99
Versions of the package sinatra from 0.0.0 are vulnerable to
1010
Reliance on Untrusted Inputs in a Security Decision via the
@@ -17,7 +17,8 @@ description: |
1717
handling the X-Forwarded-Host header, attackers can potentially
1818
exploit Cache Poisoning or Routing-based SSRF.
1919
cvss_v3: 5.4
20-
notes: Never patched
20+
patched_versions:
21+
- ">= 4.1.0"
2122
related:
2223
url:
2324
- https://nvd.nist.gov/vuln/detail/CVE-2024-21510

0 commit comments

Comments
 (0)