CVE-2021-22942: URL Redirection to Untrusted Site ('Open Redirect')

October 18, 2021 (updated February 2, 2024)

A possible open redirect vulnerability in the Host Authorization middleware in Action Pack that could allow attackers to redirect users to a malicious website.

References

nvd.nist.gov/vuln/detail/CVE-2021-22942
weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/

Detect and mitigate CVE-2021-22942 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →