CVE-2022-31033
Authorization header leak in rubygem Mechanize
In short
The Mechanize web automation library leaks the Authorization header (which contains sensitive credentials) when a website redirects you to a different port on the same domain. This means your login credentials could be exposed to an attacker who controls that alternate port.
Technical detail
CWE-200 information disclosure vulnerability in Mechanize versions before 2.8.5: the library fails to clear the Authorization header during cross-port redirects on the same host, allowing credentials to be transmitted to an unintended endpoint. Attack vector requires the application to follow a malicious redirect response; impact is credential exposure if the attacker controls the alternate port.
Summary generated and translated by AI from the official description.
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site. Users are advised to upgrade to Mechanize v2.8.5 or later. There are no known workarounds for this issue.
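The redirect decision described above, modelled as an added example that is not Mechanize's own code: the first helper keeps credentials whenever only the host is compared, which is the flaw the advisory describes, while the second compares scheme, host and port before forwarding the Authorization header. The helper names `same_origin?`, `redirect_headers_host_only` and `redirect_headers_same_origin` and the sample headers are constructed for this illustration.

```ruby
require 'uri'

# Constructed sample request headers carrying Basic credentials.
SAMPLE_HEADERS = {
  'Authorization' => 'Basic dXNlcjpzZWNyZXQ=',
  'User-Agent'    => 'example-client/1.0'
}.freeze

# Flawed decision (the behaviour the advisory describes for < 2.8.5):
# credentials survive any redirect that stays on the same host, so a
# redirect to another port on that host still receives them.
def redirect_headers_host_only(from, to, headers)
  from_uri = URI(from)
  to_uri   = URI(to)
  out = headers.dup
  out.delete('Authorization') if from_uri.host.downcase != to_uri.host.downcase
  out
end

# Hardened decision: an origin is (scheme, host, port). URI fills in the
# default port, so "https://h" and "https://h:443" compare equal.
def same_origin?(from, to)
  from_uri = URI(from)
  to_uri   = URI(to)
  from_uri.scheme == to_uri.scheme &&
    from_uri.host.downcase == to_uri.host.downcase &&
    from_uri.port == to_uri.port
end

# Drop the Authorization header on any cross-origin redirect,
# including a port-only change on the same host.
def redirect_headers_same_origin(from, to, headers)
  out = headers.dup
  out.delete('Authorization') unless same_origin?(from, to)
  out
end

if __FILE__ == $0
  from = 'https://app.example.com/login'
  to   = 'https://app.example.com:8443/next'
  puts "host-only check forwards credentials: " \
       "#{redirect_headers_host_only(from, to, SAMPLE_HEADERS).key?('Authorization')}"
  puts "origin check forwards credentials: " \
       "#{redirect_headers_same_origin(from, to, SAMPLE_HEADERS).key?('Authorization')}"
end
```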
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
sparklemotion · mechanize
References
https://github.com/sparklemotion/mechanize/commit/c7fe6996a5b95f9880653ba3bc548a8d4ef72317
https://github.com/sparklemotion/mechanize/security/advisories/GHSA-64qm-hrgp-pgr9
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OKZMR5O3T5HQ2V737TC7IU4WZRT2LGX/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA2FJROTX2U6EBWDPKRQ2VAM67A5TQXF/