ruby.rails.security.audit.rails-check-response-splitting.rails-check-response-splitting

Rails 2.3 releases before 2.3.14 are vulnerable to response splitting, allowing header injection (CVE-2011-3186). Upgrade to 2.3.14 or greater.
Definition
rules:
  - id: rails-check-response-splitting
    pattern-either:
      - pattern-either:
          - pattern: gem 'rails', '2.3'
          - patterns:
              - pattern-either:
                  - pattern: gem 'rails', '2.3.$PATCH'
                  - pattern: gem 'rails', '~> 2.3.$PATCH'
              - metavariable-comparison:
                  metavariable: $PATCH
                  comparison: $PATCH < 14
    message: >-
      Rails 2.3 releases before 2.3.14 are vulnerable to response splitting, allowing
      header injection (CVE-2011-3186). Upgrade to 2.3.14 or greater.
    languages:
      - generic
    severity: WARNING
    paths:
      include:
        - "*Gemfile"
        - gems.rb
    metadata:
      cwe:
        - "CWE-94: Improper Control of Generation of Code ('Code Injection')"
      owasp:
        - A03:2021 - Injection
      technology:
        - rails
      source-rule-url: https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_response_splitting.rb
      category: security
      references:
        - https://groups.google.com/d/topic/rubyonrails-security/b_yTveAph2g/discussion
      cwe2022-top25: true
      subcategory:
        - audit
      likelihood: LOW
      impact: LOW
      confidence: LOW
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
Examples
rails-check-response-splitting.Gemfile
source 'https://rubygems.org'
# ok
gem 'rails', '2.3.15'
# ok
gem 'rails', '~> 2.3'
# ruleid: rails-check-response-splitting
gem 'rails', '2.3.0'
# ruleid: rails-check-response-splitting
gem 'rails', '~> 2.3.12'
Short Link: https://sg.run/DAj2