CVE-2024-45614 | Puma up to 5.6.8/6.4.2 Header X-Forwarded_For authorization (GHSA-9hf4-67fc-4vf4)

Inserito da Angelo Barbosa | Set 20, 2024 | CVE

A vulnerability has been found in Puma up to 5.6.8/6.4.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded_For leads to authorization bypass.

This vulnerability is known as CVE-2024-45614. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45614 | Puma up to 5.6.8/6.4.2 Header X-Forwarded_For authorization (GHSA-9hf4-67fc-4vf4)

Post correlati

CVE-2024-34595 | Samsung Devices up to SMR Feb-2021 Release 1 SystemUI clickAdapterItem access control

CVE-2024-29153 | Samsung Exynos Modem 5300 LTE improper authorization

CVE-2023-52229 | Pdfcrowd Save as PDF Plugin up to 1.0 on WordPress authorization

CVE-2024-8730 | Exit Notifier Plugin up to 1.9.1 on WordPress cross site scripting