Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application that sets the Content-Disposition header of a response using a filename derived from user-supplied input is vulnerable to a reflected file download (RFD) attack: the attacker chooses the name, and therefore the extension, under which the victim's browser saves the response, so an endpoint that also reflects request input into its body can be turned into a download of an executable file (for example a .bat whose content is the reflected JSON) served from the trusted origin. Versions 2.2.3 and 3.0.4 contain patches for this issue.

References:
https://github.com/advisories/GHSA-8x94-hmjh-97hq
https://github.com/sinatra/sinatra/commit/ea8fc9495a350f7551b39e3025bfcd06f49f363b
https://github.com/sinatra/sinatra/security/advisories/GHSA-2x8x-jmrp-phxw
https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf
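The following is an added illustration, not code from Sinatra or from the referenced commit, written in plain Ruby so it runs without the sinatra gem. It reproduces the unsafe pattern the advisory describes (a Content-Disposition filename interpolated from a request parameter, as an app calling the attachment/send_file helpers with user input effectively did before the fix) next to a hardened builder, a triage check for request logs, and a constructed export endpoint with the attacker's request. The endpoint, parameter names and allow-list are assumptions for the example.

```ruby
require 'json'

# Windows-executable extensions that turn a reflected download into code execution.
DANGEROUS_EXTS = %w[.bat .cmd .exe .ps1 .vbs .js .hta .scr .com .pif .wsf].freeze

# Extensions this hypothetical export endpoint is meant to serve (assumed allow-list).
ALLOWED_EXTS = %w[.csv .json .txt].freeze

# Vulnerable pattern: what `attachment params[:name]` amounted to. File.basename
# only drops directory components; quotes, semicolons, CR/LF and the extension
# all pass through, so the client, not the server, names the download.
def content_disposition_unsafe(filename)
  %(attachment; filename="#{File.basename(filename)}")
end

# Hardened: the server decides what the download is called. Restrict the
# character set, cap the length and honour only an allow-listed extension;
# anything else is demoted to .txt so the saved file is never executable.
def safe_attachment_name(user_name, default: 'download')
  name = File.basename(user_name.to_s.delete("\0"))
  name = name.gsub(/[^A-Za-z0-9._-]/, '').sub(/\A\.+/, '')[0, 100]
  name = default if name.empty?
  ext = File.extname(name).downcase
  ALLOWED_EXTS.include?(ext) ? name : "#{name}.txt"
end

def content_disposition_safe(user_name)
  %(attachment; filename="#{safe_attachment_name(user_name)}")
end

# Triage check for access logs: does a filename parameter carry the RFD
# ingredients (header/quote separator characters or an executable extension)?
def rfd_risky?(filename)
  name = filename.to_s
  return true if name.match?(/["\r\n;\0]/)
  DANGEROUS_EXTS.include?(File.extname(File.basename(name)).downcase)
end

# Minimal Rack-style handler for a JSON export endpoint that reflects a search
# term (constructed stand-in for a real route). hardened: false reproduces the
# vulnerable behaviour; hardened: true uses the server-chosen filename.
def export_endpoint(params, hardened:)
  body = JSON.generate('query' => params['q'].to_s, 'results' => [])
  disposition = if hardened
                  content_disposition_safe(params['name'])
                else
                  content_disposition_unsafe(params['name'].to_s)
                end
  headers = { 'Content-Type' => 'application/json', 'Content-Disposition' => disposition }
  headers['X-Content-Type-Options'] = 'nosniff' if hardened
  [200, headers, body]
end

# Attacker-constructed request (constructed sample): the reflected term is a
# cmd.exe one-liner and the filename parameter asks for a .bat. With the
# unsafe helper the victim's browser saves "setup.bat" whose content is the
# JSON body; cmd.exe ignores the JSON noise and runs the command.
ATTACK_PARAMS = { 'q' => '"||calc||', 'name' => 'setup.bat' }.freeze
```

Note that the hardened builder still reflects the attacker's query into the body; the RFD fix is that the download can no longer be given an executable name, which removes one of the three conditions (reflected input, attacker-controlled filename, response served as a download) that the Hafif paper identifies. Escaping or rejecting the reflected input is a separate, independent control.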
Created golang-github-hub tracking bugs for this issue: Affects: fedora-37 [bug 2153367]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:0393 https://access.redhat.com/errata/RHSA-2023:0393
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:0427 https://access.redhat.com/errata/RHSA-2023:0427
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0506 https://access.redhat.com/errata/RHSA-2023:0506
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0527 https://access.redhat.com/errata/RHSA-2023:0527
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0855 https://access.redhat.com/errata/RHSA-2023:0855
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0857 https://access.redhat.com/errata/RHSA-2023:0857
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0974 https://access.redhat.com/errata/RHSA-2023:0974
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-45442