
    2 vulnerabilities by unpoly

    CVE-2023-28846 (GCVE-0-2023-28846)

    Vulnerability from nvd – Published: 2023-03-30 19:57 – Updated: 2025-02-11 18:46
    Title: Denial of Service in unpoly-rails
    Summary: Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the `unpoly-rails` gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load balancer that uses passive health checks. The `unpoly-rails` gem echoes the request URL as an `X-Up-Location` response header. By making a request with an exceedingly long URL (path or query string), an attacker can cause unpoly-rails to write an exceedingly large response header. If the response header is too large to be parsed by a load balancer downstream of the Rails application, it may cause the load balancer to remove the upstream from a load balancing group. This causes that application instance to become unavailable until a configured timeout is reached or until an active health check succeeds. This issue has been fixed and released as version 2.7.2.2, which is available via RubyGems and GitHub. Users unable to upgrade may:
    • configure the load balancer to use active health checks, e.g. by periodically requesting a route with a known response that indicates healthiness;
    • configure the load balancer so the maximum size of response headers is at least twice the maximum size of a URL; or
    • instead of changing the server configuration, configure the Rails application to delete redundant `X-Up-Location` headers set by unpoly-rails.
    SSVC (CISA Coordinator, v2.0.3): Exploitation: none; Automatable: no; Technical Impact: partial
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner: GitHub_M
    Impacted products
    Vendor   Product        Version
    unpoly   unpoly-rails   Affected: < 2.7.2.2
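    The third workaround, as an added example that is not unpoly-rails' own code nor the 2.7.2.2 fix: a Rack middleware that drops the echoed `X-Up-Location` header when it merely repeats the request URL, and drops any remaining value that exceeds a size cap, so the upstream never emits a header the load balancer cannot parse. The class name `UpLocationGuard`, the constructed `ECHO_APP`, the `run_through_guard` helper, the `demo.up_location` env key and the 4096-byte cap are assumptions; only the Rack calling convention is used, so no gem is required.

```ruby
# Rack-style middleware: call(env) -> [status, headers, body]. Runs on stdlib only.
class UpLocationGuard
  HEADER = 'X-Up-Location'
  DEFAULT_MAX_BYTES = 4096 # assumption: stay well below common proxy header buffers
  SCHEME_HOST = %r{\A[a-z][a-z0-9+.\-]*://[^/]*}i

  def initialize(app, max_bytes: DEFAULT_MAX_BYTES)
    @app = app
    @max_bytes = max_bytes
  end

  def call(env)
    status, headers, body = @app.call(env)
    key = headers.keys.find { |k| k.casecmp?(HEADER) }
    if key
      value = headers[key].to_s
      # Redundant: the header only carries information when the server answered
      # from a different location (e.g. after a redirect) than the one requested.
      redundant = value.sub(SCHEME_HOST, '') == request_path_and_query(env)
      headers.delete(key) if redundant || value.bytesize > @max_bytes
    end
    [status, headers, body]
  end

  private

  def request_path_and_query(env)
    path = env['PATH_INFO'].to_s
    qs = env['QUERY_STRING'].to_s
    qs.empty? ? path : "#{path}?#{qs}"
  end
end

# Constructed stand-in for a Rails app with an unpatched unpoly-rails: echoes the
# full request URL as X-Up-Location unless env['demo.up_location'] overrides it
# (simulating a redirect target). Not the gem's real code.
ECHO_APP = lambda do |env|
  qs = env['QUERY_STRING'].to_s
  url = "https://app.example#{env['PATH_INFO']}#{qs.empty? ? '' : "?#{qs}"}"
  location = env.fetch('demo.up_location', url)
  [200, { 'Content-Type' => 'text/html', 'X-Up-Location' => location }, ['<p>ok</p>']]
end

# Runs one constructed request through the guard and returns the response headers.
def run_through_guard(path:, query: '', up_location: nil,
                      max_bytes: UpLocationGuard::DEFAULT_MAX_BYTES)
  env = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => path, 'QUERY_STRING' => query }
  env['demo.up_location'] = up_location if up_location
  _status, headers, _body = UpLocationGuard.new(ECHO_APP, max_bytes: max_bytes).call(env)
  headers
end

if __FILE__ == $PROGRAM_NAME
  # Oversized echoed URL: header removed instead of reaching the load balancer.
  p run_through_guard(path: '/posts', query: 'q=' + 'a' * 20_000)
  # Genuine redirect target: header kept.
  p run_through_guard(path: '/posts', up_location: 'https://app.example/posts/1')
end
```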

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T13:51:38.695Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/unpoly/unpoly-rails/security/advisories/GHSA-m875-3xf6-mf78",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/unpoly/unpoly-rails/security/advisories/GHSA-m875-3xf6-mf78"
              },
              {
                "name": "https://github.com/unpoly/unpoly-rails/commit/cd9ad0007daceeb3b2354fdcab4f88350427bf16",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/unpoly/unpoly-rails/commit/cd9ad0007daceeb3b2354fdcab4f88350427bf16"
              },
              {
                "name": "https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks"
              },
              {
                "name": "https://github.com/unpoly/unpoly-rails/",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/unpoly/unpoly-rails/"
              },
              {
                "name": "https://makandracards.com/operations/537537-nginx-proxy-buffer-tuning",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://makandracards.com/operations/537537-nginx-proxy-buffer-tuning"
              },
              {
                "name": "https://tryhexadecimal.com/guides/http/414-request-uri-too-long",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://tryhexadecimal.com/guides/http/414-request-uri-too-long"
              },
              {
                "name": "https://unpoly.com/up.protocol",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://unpoly.com/up.protocol"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-28846",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-11T18:46:12.608525Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-11T18:46:42.157Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "unpoly-rails",
              "vendor": "unpoly",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.7.2.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the `unpoly-rails` gem that implements the Unpoly server protocol for Rails applications. This issues affects Rails applications that operate as an upstream of a load balancer\u0027s that uses passive health checks. The `unpoly-rails` gem echoes the request URL as an `X-Up-Location` response header. By making a request with exceedingly long URLs (paths or query string), an attacker can cause unpoly-rails to write a exceedingly large response header.  If the response header is too large to be parsed by a load balancer downstream of the Rails application, it may cause the load balancer to remove the upstream from a load balancing group. This causes that application instance to become unavailable until a configured timeout is reached or until an active healthcheck succeeds. This issue has been fixed and released as version 2.7.2.2 which is available via RubyGems and GitHub. Users unable to upgrade may: Configure your load balancer to use active health checks, e.g. by periodically requesting a route with a known response that indicates healthiness; Configure your load balancer so the maximum size of response headers is at least twice the maximum size of a URL; or instead of changing your server configuration you may also configure your Rails application to delete redundant `X-Up-Location` headers set by unpoly-rails.\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-30T19:57:38.767Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/unpoly/unpoly-rails/security/advisories/GHSA-m875-3xf6-mf78",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/unpoly/unpoly-rails/security/advisories/GHSA-m875-3xf6-mf78"
            },
            {
              "name": "https://github.com/unpoly/unpoly-rails/commit/cd9ad0007daceeb3b2354fdcab4f88350427bf16",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/unpoly/unpoly-rails/commit/cd9ad0007daceeb3b2354fdcab4f88350427bf16"
            },
            {
              "name": "https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks"
            },
            {
              "name": "https://github.com/unpoly/unpoly-rails/",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/unpoly/unpoly-rails/"
            },
            {
              "name": "https://makandracards.com/operations/537537-nginx-proxy-buffer-tuning",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://makandracards.com/operations/537537-nginx-proxy-buffer-tuning"
            },
            {
              "name": "https://tryhexadecimal.com/guides/http/414-request-uri-too-long",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://tryhexadecimal.com/guides/http/414-request-uri-too-long"
            },
            {
              "name": "https://unpoly.com/up.protocol",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://unpoly.com/up.protocol"
            }
          ],
          "source": {
            "advisory": "GHSA-m875-3xf6-mf78",
            "discovery": "UNKNOWN"
          },
          "title": "Denial of Service in unpoly-rails"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-28846",
        "datePublished": "2023-03-30T19:57:38.767Z",
        "dateReserved": "2023-03-24T16:25:34.466Z",
        "dateUpdated": "2025-02-11T18:46:42.157Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-28846 (GCVE-0-2023-28846)

    Vulnerability from cvelistv5 – Published: 2023-03-30 19:57 – Updated: 2025-02-11 18:46