HTTP response splitting in CGI
Published: November 18, 2022
SECURITY IDENTIFIERS
- CVE: CVE-2021-33621 (NVD)
- GHSA: GHSA-vc47-6rqg-c7f5
- Vendor Advisory: https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/
GEM
cgi
SEVERITY
CVSS v3.x: 8.8 (High)
PATCHED VERSIONS
~> 0.1.0.2
~> 0.2.2
>= 0.3.5
DESCRIPTION
cgi.rb in Ruby through 2.6.x, through 3.0.x, and through 3.1.x (the cgi gem before the patched versions listed above) allows HTTP header injection. If a CGI application using the CGI library inserts untrusted input into an HTTP response header, for example a Location or Set-Cookie value derived from a request parameter, an attacker can supply a CR/LF sequence to terminate the header line, append headers of their own, or end the header block and supply a response body of their choosing. The consequences are the usual ones for response splitting: cookies set or overwritten for the victim, script injected into the page the client renders, and poisoned entries in any cache sitting in front of the application. Patched versions of the gem validate header values and reject ones that contain newline characters instead of emitting them; applications that assemble header strings themselves must apply the same check on the decoded value.
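The following Ruby snippet is an added illustration of the splitting pattern, not code from the cgi gem, the advisory, or the Ruby project. It uses a hand-written header builder that interpolates values verbatim (the shape of the vulnerable behaviour), a hardened builder that rejects CR/LF, and a small response parser that shows what a client would see. The function names, the `ATTACK_PARAM` value and the `demo` helper are constructed for this example; `URI.decode_www_form_component` stands in for the parameter decoding a real CGI application performs, which is why the check has to run on the decoded value.

```ruby
# Added example: response splitting through an interpolated header value,
# and the CR/LF check that stops it. Not the cgi gem's own code.
require 'uri'

EOL = "\r\n"

# Vulnerable builder: copies each value into the header line unchanged,
# so a CR/LF inside a value ends the line and starts a new header.
def build_header_vulnerable(fields, body)
  buf = ''.dup
  fields.each { |name, value| buf << "#{name}: #{value}#{EOL}" }
  buf << EOL << body
end

# Hardened builder: refuse any name or value that contains CR or LF.
# The check runs on the decoded string, after %0d%0a has become "\r\n".
def check_header_value(name, value)
  if name.to_s.match?(/[\r\n]/) || value.to_s.match?(/[\r\n]/)
    raise ArgumentError, "header #{name.inspect} contains CR/LF"
  end
  value
end

def build_header_safe(fields, body)
  buf = ''.dup
  fields.each { |name, value| buf << "#{name}: #{check_header_value(name, value)}#{EOL}" }
  buf << EOL << body
end

# Minimal client-side view: header lines up to the first blank line, then the body.
def parse_response(raw)
  head, body = raw.split(EOL * 2, 2)
  headers = head.split(EOL).map { |line| line.split(': ', 2) }
  [headers, body]
end

# Constructed attacker input: a "redirect target" query parameter carrying an
# encoded CR/LF, an extra Set-Cookie header, a blank line and a fake body.
ATTACK_PARAM = '%2Fhome%0d%0aSet-Cookie%3A%20session%3Dattacker%0d%0a%0d%0a' \
               '%3Cscript%3Ealert(1)%3C%2Fscript%3E'

# Runs both builders on the same decoded input and returns what each produced.
def demo
  target = URI.decode_www_form_component(ATTACK_PARAM)
  fields = { 'Content-Type' => 'text/html', 'Location' => target }

  headers, body = parse_response(build_header_vulnerable(fields, 'redirecting'))

  safe_error = begin
    build_header_safe(fields, 'redirecting')
    nil
  rescue ArgumentError => e
    e.message
  end

  { headers: headers, body: body, safe_error: safe_error }
end

if __FILE__ == $0
  result = demo
  puts "headers seen by client: #{result[:headers].inspect}"
  puts "body seen by client:    #{result[:body].inspect}"
  puts "hardened builder:       #{result[:safe_error]}"
end
```

With the vulnerable builder the client sees three headers, including the attacker's `Set-Cookie`, and a body that begins with the injected script; the original `redirecting` body is pushed below the attacker's blank line and ignored. The hardened builder raises before any bytes are written. Rejecting the value is preferable to stripping CR/LF silently, because a stripped value can still be wrong for the application's purpose and the rejection surfaces the attempt in logs.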
