CVE-2016-0752: Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before…

high7.5CVSS 3.1

AVNACLPRNUINSUCHINAN

KEVITWEXPLOIT

CISA Known Exploited Vulnerabilitydue 2022-04-15

Exploited in the wild

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

Affected

57 ranges· showing 25

Vendor	Product	Version range	Fixed in
actionpack_project	actionpack	>= 0 < 3.2.22.1	3.2.22.1
actionpack_project	actionpack	>= 3.0.0 < 3.2.22.2	3.2.22.2
actionpack_project	actionpack	>= 4.0.0 < 4.1.14.1	4.1.14.1
actionpack_project	actionpack	>= 4.0.0 < 4.1.14.2	4.1.14.2
actionpack_project	actionpack	>= 4.2.0 < 4.2.5.1	4.2.5.1
debian	debian_linux	—	—
debian	rails	< rails 2:4.2.5.2-1 (bookworm)	rails 2:4.2.5.2-1 (bookworm)
debian	rails	< rails 2:4.2.5.1-1 (bookworm)	rails 2:4.2.5.1-1 (bookworm)
opensuse	leap	—	—
opensuse	opensuse	—	—
rails	actionview	>= 3.0.0 < 3.2.22.2	3.2.22.2
rails	actionview	>= 3.2.0 < 3.2.22.2	3.2.22.2
rails	actionview	>= 4.0.0 < 4.1.14.1	4.1.14.1
rails	actionview	>= 4.0.0 < 4.1.14.2	4.1.14.2
rails	actionview	>= 4.2.0 < 4.2.5.1	4.2.5.1
redhat	software_collections	—	—
rubyonrails	rails	< 3.2.22.1	3.2.22.1
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

ghsa7.5HIGH

osv7.5HIGH

vulncheck7.5HIGH

cisa7.5HIGH