CVE-2021-41819

ADVISORY - github

Summary

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem prior to versions 0.3.1, 0.2.1, 0.1.1, and 0.1.0.1 for Ruby.

EPSS Score⁠: 0.00881 (0.746)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-565⁠

Reliance on Cookies without Validation and Integrity Checking

ADVISORY - github

CWE-565⁠

Reliance on Cookies without Validation and Integrity Checking

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-565⁠

Reliance on Cookies without Validation and Integrity Checking

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Impacted images

Advisories

NIST

CREATED

4 years ago

UPDATED

6 months ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-565⁠

CVSS SCORE

7.5high

GitHub

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY IDGHSA-4vf4-qmvg-mh7h⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-565⁠

CVSS SCORE

7.5high

Alpine

CREATED

4 years ago

UPDATED

3 days ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

GitLab

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY ID

CVE-2021-41819

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-565⁠CWE-937⁠

CVSS SCORE

7.5high

Alma

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALSA-2022:0543⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2022:5779⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2022:6447⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2022:6450⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2-2024-2486⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2021-41819

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

2 years ago

UPDATED

7 months ago

ADVISORY ID

BIT-ruby-2021-41819

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

Bitnami

CREATED

10 months ago

UPDATED

7 months ago

ADVISORY ID

BIT-ruby-min-2021-41819

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

Red Hat

CREATED

4 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Rocky

CREATED

4 years ago

UPDATED

8 months ago

ADVISORY IDRLSA-2022:0543⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 years ago

UPDATED

8 months ago

ADVISORY IDRLSA-2022:5779⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 years ago

UPDATED

8 months ago

ADVISORY IDRLSA-2022:6447⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 years ago

UPDATED

8 months ago

ADVISORY IDRLSA-2022:6450⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2022-0543⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDELSA-2022-5779⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDELSA-2022-6447⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDELSA-2022-6450⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Photon

CREATED

1 year ago

UPDATED

2 months ago

ADVISORY ID

CVE-2021-41819

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

intheWild

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2021-41819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY