7.5

CVE-2016-0752

Warnung
Exploit
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RubyonrailsRails Version < 3.2.22.1
RubyonrailsRails Version >= 4.0.0 < 4.1.14.1
RubyonrailsRails Version >= 4.2.0 < 4.2.5.1
RubyonrailsRails Version5.0.0 Updatebeta1
OpensuseLeap Version42.1
OpensuseOpensuse Version13.2
DebianDebian Linux Version8.0
RedhatSoftware Collections Version1.0

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Ruby on Rails Directory Traversal Vulnerability

Schwachstelle

Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 95.54% 0.999
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://www.debian.org/security/2016/dsa-3464
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-0296.html
Third Party Advisory
http://www.securitytracker.com/id/1034816
Third Party Advisory
Broken Link
VDB Entry
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html
Permissions Required
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html
Permissions Required
http://www.openwall.com/lists/oss-security/2016/01/25/13
Exploit
Mailing List
http://www.securityfocus.com/bid/81801
Third Party Advisory
Broken Link
VDB Entry
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ
Broken Link
https://www.exploit-db.com/exploits/40561/
Third Party Advisory
Exploit
VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0752
US Government Resource