ubuntucve | Ubuntu.com | UB:CVE-2020-5216
History: Jan 23, 2020 - 12:00 a.m.

CVE-2020-5216


CVSS2: 5

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3: 5.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS: 0.001
Percentile: 38.5%

In Secure Headers (RubyGem secure_headers), a directive injection
vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If
user-supplied input was passed into
append/override_content_security_policy_directives, a newline could be
injected leading to limited header injection. Upon seeing a newline in the
header, Rails will silently create a new Content-Security-Policy header
with the remaining value of the original string. It will continue to create
new headers for each newline. This has been fixed in 6.3.0, 5.2.0, and
3.9.0.
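
The flaw described above, shown next to a checked version, as an added example that is not code from the secure_headers gem or from this advisory. All method names and sample values are hypothetical and constructed; rejecting `;` as well as CR/LF is a choice made for this example, not something the advisory states about the fix.

```ruby
# Added example: a stand-alone sketch, not the secure_headers implementation.
# build_csp_naive follows the flawed pattern (caller-supplied source values
# are concatenated straight into the header value). build_csp_checked refuses
# any value that could end a header line or a CSP directive.

class DirectiveInjection < ArgumentError; end

# CR and LF end a header line; ";" ends a CSP directive (example's own choice).
FORBIDDEN = /[\r\n;]/

# Joins { directive => [sources] } into one header value with no validation.
def build_csp_naive(directives)
  directives.map { |name, sources| "#{name} #{sources.join(' ')}" }.join("; ")
end

# Same output as build_csp_naive, but raises before building the value if any
# source contains a forbidden character.
def build_csp_checked(directives)
  directives.each do |name, sources|
    sources.each do |src|
      next unless src.match?(FORBIDDEN)
      raise DirectiveInjection, "illegal character in #{name}: #{src.inspect}"
    end
  end
  build_csp_naive(directives)
end

# Models the behaviour the advisory describes: one header per newline-
# separated piece of the original value.
def header_lines(value)
  value.split(/\r?\n/).reject(&:empty?)
end

# Constructed sample input: the second hash carries a newline in one source.
BENIGN  = { "default-src" => ["'self'"],
            "script-src"  => ["'self'", "https://cdn.example.test"] }
TAINTED = { "default-src" => ["'self'"],
            "script-src"  => ["'self'", "https://cdn.example.test\nconstructed-directive value"] }

if __FILE__ == $PROGRAM_NAME
  puts "naive, benign:  #{header_lines(build_csp_naive(BENIGN)).length} header(s)"
  puts "naive, tainted: #{header_lines(build_csp_naive(TAINTED)).length} header(s)"
  begin
    build_csp_checked(TAINTED)
  rescue DirectiveInjection => e
    puts "checked, tainted: rejected (#{e.message})"
  end
end
```

Validation of this kind is a stopgap for applications that cannot upgrade immediately; the advisory's remedy is to move to 6.3.0, 5.2.0, or 3.9.0.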
