Oval Definition:	oval:org.opensuse.security:def:202144528
Revision Date: 2022-06-30 Version: 1 Title: CVE-2021-44528 Description: A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-44528 SUSE CVE-2021-44528 Platform(s): openSUSE Tumbleweed SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND ruby3.1-rubygem-actionpack-6.0-6.0.4.4-1.1 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ruby2.1-rubygem-actionpack-4_2 is not affected Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND ruby2.1-rubygem-actionpack-4_2 is not affected
BACK