Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a user-supplied `X-Forwarded-Host` header can be used to poison a cache fronting a Ratpack server if that cache does not include the `X-Forwarded-Host` header in its cache key. Users are only vulnerable if they do not configure a custom `PublicAddress` instance: for versions prior to 1.9.0, Ratpack by default uses an inferring `PublicAddress` implementation, which is vulnerable. This can be used for redirect cache poisoning, where an attacker forces a cached redirect to point to their site instead of the intended redirect location. The vulnerability was patched in Ratpack 1.9.0. As a workaround, ensure that `ServerConfigBuilder::publicAddress` correctly configures the server's public address in production.
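The workaround the advisory names, as an added example (not code from the Ratpack project or the advisory): a Ratpack 1.x server that pins its `PublicAddress` through `ServerConfigBuilder.publicAddress`, so the absolute `Location` of a relative redirect is derived from configuration rather than from the request's `X-Forwarded-Host` header. The host `https://app.example.com`, the port and the `legacy`/`current` paths are assumptions for illustration.

```java
import java.net.URI;

import ratpack.server.RatpackServer;
import ratpack.server.ServerConfig;

public class PinnedPublicAddressServer {

  public static void main(String... args) throws Exception {
    RatpackServer.start(server -> server
        .serverConfig(ServerConfig.builder()
            .port(5050)
            // Mitigation: explicitly configure the public address.
            // Without this, pre-1.9.0 Ratpack infers the public address from
            // request headers such as X-Forwarded-Host, so the absolute
            // Location of the redirect below would follow whatever host an
            // untrusted client sent, and a cache in front of the server could
            // serve that poisoned redirect to other users.
            .publicAddress(URI.create("https://app.example.com"))) // assumed host
        .handlers(chain -> chain
            // Relative redirect: Ratpack resolves it against PublicAddress
            // to build the absolute Location header.
            .get("legacy", ctx -> ctx.redirect("current"))
            .get("current", ctx -> ctx.render("current endpoint"))));
  }
}
```

Pinning the address is complementary to the cache-side check in the advisory: a fronting cache should either key on `X-Forwarded-Host` or strip it at the edge, so a forwarded host supplied by one client cannot shape a response cached for others.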
Published 2021-06-29 15:15:19
Updated 2021-07-08 15:42:12
Source GitHub, Inc.

Exploit prediction scoring system (EPSS) score for CVE-2021-29479

EPSS score: 0.09% (probability of exploitation activity in the next 30 days)
Percentile: ~39% (the proportion of vulnerabilities that are scored at or less)

CVSS scores for CVE-2021-29479

Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
4.0 | MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:N | 4.9 | 4.9 | NIST
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST
7.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.2 | 4.7 | GitHub, Inc.

CWE ids for CVE-2021-29479

  • The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
    Assigned by: security-advisories@github.com (Secondary)
