CVE-2018-3760 (CVSS 7.5)
- EPSS 93.24%
- Published 26.06.2018 19:29:00
- Last modified 21.11.2024 04:06:01
- Source support@hackerone.com
There is an information leak vulnerability in Sprockets. Versions affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exist on the filesystem outside an application's root directory when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the workarounds immediately.
Data is provided by the National Vulnerability Database (NVD)
Affected configurations:
- Redhat ≫ Cloudforms, Version 4.5
- Redhat ≫ Cloudforms, Version 4.6
- Redhat ≫ Enterprise Linux, Version 6.0
- Redhat ≫ Enterprise Linux, Version 6.7
- Redhat ≫ Enterprise Linux, Version 7.0
- Redhat ≫ Enterprise Linux, Version 7.3
- Redhat ≫ Enterprise Linux, Version 7.4
- Redhat ≫ Enterprise Linux, Version 7.5
- Redhat ≫ Enterprise Linux, Version 7.6
- Sprockets Project ≫ Sprockets, Version >= 2.0.0 <= 2.12.4
- Sprockets Project ≫ Sprockets, Version >= 3.0.0 <= 3.7.1
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta1
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta2
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta3
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta4
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta5
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta6
- Sprockets Project ≫ Sprockets, Version 4.0.0, Update beta7
- Debian ≫ Debian Linux, Version 9.0
No CISA KEV entry or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile
---|---|---|---
EPSS | FIRST.org | 93.24% | 0.998
Source | Base Score | Exploit Score | Impact Score | Vector string
---|---|---|---|---
nvd@nist.gov | 7.5 | 3.9 | 3.6 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov | 5 | 10 | 2.9 | AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.