漏洞标题
N/A
漏洞描述信息
在Google Cloud Storage和磁盘服务的Active Storage >= 5.2.0中,有一个绕过漏洞,允许攻击者修改`content-Disposition`和`content-type`参数,这些参数可用于与HTML文件一起使用,并将它们直接执行。此外,如果将其他技术(如 cookie炸裂和特别制作的AppCache manifest)结合使用,攻击者可以在特定的存储路径内访问私钥签名的URL。此漏洞已在5.2.1.1版本中修复。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed in version 5.2.1.1.
CVSS信息
N/A
漏洞类别
信息暴露
漏洞标题
Active Storage 访问控制错误漏洞
漏洞描述信息
Active Storage是一款用于将文件上传到多种云存储服务,并将文件附加到Active Record对象的插件。 Active Storage 5.2.0及之前版本(用于Google Cloud Storage和Disk服务)中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。
CVSS信息
N/A
漏洞类别
授权问题