Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cached redirect poisoning via X-Forwarded-Host header
Vulnerability Description
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a user supplied `X-Forwarded-Host` header can be used to perform cache poisoning of a cache fronting a Ratpack server if the cache key does not include the `X-Forwarded-Host` header as a cache key. Users are only vulnerable if they do not configure a custom `PublicAddress` instance. For versions prior to 1.9.0, by default, Ratpack utilizes an inferring version of `PublicAddress` which is vulnerable. This can be used to perform redirect cache poisoning where an attacker can force a cached redirect to redirect to their site instead of the intended redirect location. The vulnerability was patched in Ratpack 1.9.0. As a workaround, ensure that `ServerConfigBuilder::publicAddress` correctly configures the server in production.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
Ratpack 安全漏洞
Vulnerability Description
Ratpack是一款用于构建可扩展HTTP应用程序的Java库。 Ratpack 1.9.0之前的版本中存在安全漏洞,攻击者可以利用此漏洞强制缓存重定向到他们的站点。
CVSS Information
N/A
Vulnerability Type
N/A