CVE-2024-28103
CVSS V2 None
CVSS V3 None
Description
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Overview
- CVE ID
- CVE-2024-28103
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-04T19:47:44.199Z
- Last Modified Date
- 2024-06-20T16:31:41.257Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7 | x_refsource_CONFIRM |
https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523 | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-28103 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28103 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 08:08:14 | Added to TrackCVE |