Updated advisory posts against rubysec/ruby-advisory-db@3e2cd72

jasnow · RubySec CI · commit 8dfc9629196c · 2025-02-13T20:34:38.000Z
diff --git a/advisories/_posts/2024-12-02-CVE-2024-53986.md b/advisories/_posts/2024-12-02-CVE-2024-53986.md
@@ -118,6 +118,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-53986
+    - https://hackerone.com/reports/2931636
     - https://github.com/rails/rails-html-sanitizer/blob/v1.6.1/CHANGELOG.md
     - https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-638j-pmjw-jq48
     - https://github.com/rails/rails-html-sanitizer/commit/f02ffbb8465e73920b6de0da940f5530f855965e
diff --git a/advisories/_posts/2024-12-02-CVE-2024-53987.md b/advisories/_posts/2024-12-02-CVE-2024-53987.md
@@ -117,6 +117,8 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-53987
+    - https://hackerone.com/reports/2931639
+    - https://hackerone.com/reports/2931688
     - https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-2x5m-9ch4-qgrr
     - https://github.com/rails/rails-html-sanitizer/commit/f02ffbb8465e73920b6de0da940f5530f855965e
     - https://github.com/advisories/GHSA-2x5m-9ch4-qgrr
diff --git a/advisories/_posts/2024-12-02-CVE-2024-53988.md b/advisories/_posts/2024-12-02-CVE-2024-53988.md
@@ -127,6 +127,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-53988
+    - https://hackerone.com/reports/2931710
     - https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-cfjx-w229-hgx5
     - https://github.com/rails/rails-html-sanitizer/commit/a0a3e8b76b696446ffc6bffcff3bc7b7c6393c72
     - https://github.com/advisories/GHSA-cfjx-w229-hgx5
diff --git a/advisories/_posts/2024-12-02-CVE-2024-53989.md b/advisories/_posts/2024-12-02-CVE-2024-53989.md
@@ -117,6 +117,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-53989
+    - https://hackerone.com/reports/2931691
     - https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rxv5-gxqc-xx8g
     - https://github.com/rails/rails-html-sanitizer/commit/16251735e36ebdc302e2f90f2a39cad56879414f
     - https://github.com/advisories/GHSA-rxv5-gxqc-xx8g
diff --git a/advisories/_posts/2024-12-10-CVE-2024-54133.md b/advisories/_posts/2024-12-10-CVE-2024-54133.md
@@ -49,6 +49,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-54133
+    - https://hackerone.com/reports/2905532
     - https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v
     - https://github.com/advisories/GHSA-vfm5-rmrh-j26v
 ---
diff --git a/advisories/_posts/2025-02-10-CVE-2025-25186.md b/advisories/_posts/2025-02-10-CVE-2025-25186.md
@@ -156,6 +156,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2025-25186
+    - https://www.ruby-lang.org/en/news/2025/02/10/dos-net-imap-cve-2025-25186
     - https://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69
     - https://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35
     - https://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3
diff --git a/advisories/_posts/2025-02-12-CVE-2025-25184.md b/advisories/_posts/2025-02-12-CVE-2025-25184.md
@@ -0,0 +1,55 @@
+---
+layout: advisory
+title: 'CVE-2025-25184 (rack): Possible Log Injection in Rack::CommonLogger'
+comments: false
+categories:
+- rack
+advisory:
+  gem: rack
+  cve: 2025-25184
+  ghsa: 7g2v-jj9q-g3rg
+  url: https://github.com/rack/rack/security/advisories/GHSA-7g2v-jj9q-g3rg
+  title: Possible Log Injection in Rack::CommonLogger
+  date: 2025-02-12
+  description: |
+    ## Summary
+
+    `Rack::CommonLogger` can be exploited by crafting input that includes
+    newline characters to manipulate log entries. The supplied
+    proof-of-concept demonstrates injecting malicious content into logs.
+
+    ## Details
+
+    When a user provides the authorization credentials via
+    `Rack::Auth::Basic`, if success, the username will be put in
+    `env['REMOTE_USER']` and later be used by `Rack::CommonLogger`
+    for logging purposes.
+
+    The issue occurs when a server intentionally or unintentionally
+    allows a user creation with the username contain CRLF and white
+    space characters, or the server just want to log every login
+    attempts. If an attacker enters a username with CRLF character,
+    the logger will log the malicious username with CRLF characters
+    into the logfile.
+
+    ## Impact
+
+    Attackers can break log formats or insert fraudulent entries,
+    potentially obscuring real activity or injecting malicious data
+    into log files.
+
+    ## Mitigation
+
+    - Update to the latest version of Rack.
+  cvss_v4: 5.7
+  patched_versions:
+  - "~> 2.2.11"
+  - "~> 3.0.12"
+  - ">= 3.1.10"
+  related:
+    url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2025-25184
+    - https://github.com/rack/rack/security/advisories/GHSA-7g2v-jj9q-g3rg
+    - https://github.com/rack/rack/commit/074ae244430cda05c27ca91cda699709cfb3ad8e
+    - https://github.com/advisories/GHSA-7g2v-jj9q-g3rg
+---
