CVE-2025-58067
📋 TL;DR
This vulnerability in Basecamp's google_sign_in gem allows open redirect attacks when using Google Sign-In in Rails applications. Attackers could redirect users to malicious sites by manipulating the 'proceed_to' session parameter. All Rails applications using vulnerable versions of the google_sign_in gem are affected.
💻 Affected Systems
- Basecamp google_sign_in gem
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Users could be redirected to phishing sites that steal credentials or deliver malware, potentially leading to account compromise and data theft.
Likely Case
Users redirected to malicious sites for phishing, credential harvesting, or malware distribution.
If Mitigated
Limited impact with proper user awareness training and browser security controls, but still represents a security flaw.
🎯 Exploit Status
Requires chaining with another attack to modify OAuth2 parameters, but the redirect itself can be triggered by unauthenticated users.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3.1
Vendor Advisory: https://github.com/basecamp/google_sign_in/security/advisories/GHSA-5jch-xhw4-r43v
Restart Required: Yes
Instructions:
1. Update Gemfile to 'gem "google_sign_in", "~> 1.3.1"'
2. Run 'bundle update google_sign_in'
3. Restart Rails application server
🔧 Temporary Workarounds
No workarounds available
The vendor advisory states there are no workarounds for this vulnerability.
🧯 If You Can't Patch
- Implement additional validation in application code to verify redirect URLs before processing
- Monitor for suspicious redirect patterns in application logs and implement rate limiting
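One way to implement the redirect-target validation recommended above, as an added example that is not code from the google_sign_in gem or the advisory: the stored 'proceed_to' value is checked before the application redirects to it, accepting only local absolute paths or HTTPS URLs on the application's own host. The host name app.example.com and the helper name safe_proceed_to are assumptions.

```ruby
require "uri"

# Added example (not the gem's code): validate the post-login destination
# stored in session[:proceed_to] before redirecting, so a manipulated value
# cannot send the user to an external site. ALLOWED_HOST is an assumed
# application hostname.
ALLOWED_HOST = "app.example.com".freeze

# Returns the destination to redirect to, or the fallback if the stored value
# is missing, unparsable, or points anywhere except this application.
def safe_proceed_to(value, fallback: "/", allowed_host: ALLOWED_HOST)
  return fallback if value.nil? || value.strip.empty?

  # Reject protocol-relative forms ("//other.example") and backslashes up
  # front; some browsers treat "/\other.example" as an external location.
  return fallback if value.start_with?("//") || value.include?("\\")

  uri = URI.parse(value)
  # Only plain relative references or http(s) URLs are considered at all.
  return fallback unless uri.scheme.nil? || %w[http https].include?(uri.scheme)

  if uri.host.nil?
    # Relative reference: accept only local absolute paths like "/dashboard".
    return fallback unless uri.path.start_with?("/")
    return uri.to_s
  end

  # Absolute URL: accept only our own host, and require https for it.
  # (URI.parse places "app.example.com@other.example" userinfo in .userinfo,
  # so the host comparison is not fooled by that form.)
  return fallback unless uri.scheme == "https" && uri.host.casecmp?(allowed_host)
  uri.to_s
rescue URI::InvalidURIError
  fallback
end
```

In a controller this would be used as `redirect_to safe_proceed_to(session[:proceed_to])` in place of redirecting to the raw session value.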
🔍 How to Verify
Check if Vulnerable:
Check Gemfile.lock for google_sign_in version: grep 'google_sign_in' Gemfile.lock
Check Version:
bundle show google_sign_in | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+'
Verify Fix Applied:
Verify version 1.3.1 or higher is installed: bundle show google_sign_in
📡 Detection & Monitoring
Log Indicators:
- Unusual redirect patterns in authentication logs
- Multiple failed authentication attempts with modified parameters
Network Indicators:
- Unexpected redirects to external domains during OAuth flow
SIEM Query:
source="rails_app" AND (event="redirect" OR event="authentication") AND url CONTAINS "//" AND NOT url STARTSWITH "https://"