CVE-2016-2097: Path Traversal in Rails Actionview

CWE-22 (Path Traversal) | 10 documents | 8 sources
Severity
Base score: 5.3 MEDIUM (NVD); 7.5 (CNA, GHSA, OSV)
EPSS: 1.9% (top 16.67%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: 2016-04-07
Latest update: 2017-10-24

Description

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0752.
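The "unrestricted use of the render method" the description refers to is the pattern in which a controller passes a request parameter straight into a template lookup. The following is an added example, not code from this page, from Rails or from any of the advisories: it simulates a template resolver on a constructed temporary directory instead of calling Action View, so the names build_fixture, render_unrestricted, template_allowlist and render_restricted, the ".html.erb" lookup rule and the sample files are all assumptions made for the demonstration. It shows the vulnerable join-and-read lookup leaking a file outside app/views through a ".." segment, and a hardened lookup that rejects the same input.

```ruby
require "pathname"
require "tmpdir"
require "fileutils"

# Template extension the constructed lookup below appends; an assumption for
# this example, not Action View's real resolver.
TEMPLATE_EXT = ".html.erb"

# Constructed fixture (not a real application): a throwaway directory with one
# legitimate template under app/views and one file outside the view root that a
# traversal payload must never be able to reach. Returns the view root.
def build_fixture
  root = Dir.mktmpdir("cve-2016-2097-")
  views = File.join(root, "app", "views")
  FileUtils.mkdir_p(File.join(views, "pages"))
  File.write(File.join(views, "pages", "about#{TEMPLATE_EXT}"), "<h1>About</h1>\n")
  File.write(File.join(root, "secret.txt"), "db_password=hunter2\n")
  views
end

# Vulnerable pattern, mimicking `render params[:page]` with no validation: the
# request-supplied name is joined onto the view root and whichever candidate
# file exists is read. Nothing stops a ".." segment from walking above
# app/views, so "../../secret.txt" returns the secret.
def render_unrestricted(view_root, name)
  candidates = [File.join(view_root, name), File.join(view_root, "#{name}#{TEMPLATE_EXT}")]
  path = candidates.find { |p| File.file?(p) }
  raise ArgumentError, "missing template #{name.inspect}" unless path
  File.read(path)
end

# Allowlist of template names that actually exist under the view root, named
# the way a controller would refer to them ("pages/about").
def template_allowlist(view_root)
  root = Pathname.new(view_root)
  Dir.glob(File.join(view_root, "**", "*#{TEMPLATE_EXT}")).map do |p|
    Pathname.new(p).relative_path_from(root).to_s.delete_suffix(TEMPLATE_EXT)
  end.sort
end

# Hardened pattern with two independent checks:
#   1. resolve the candidate to a canonical absolute path and require that it
#      stay inside the view root (rejects "..", absolute paths and symlinks);
#   2. accept only names on the explicit allowlist, so a lookup rule the
#      containment check did not anticipate still cannot select an arbitrary file.
def render_restricted(view_root, name)
  root = Pathname.new(view_root).realpath
  # Pathname#+ resolves ".." lexically and returns the right-hand side verbatim
  # when it is absolute, so the containment test below is what actually decides.
  candidate = (root + "#{name}#{TEMPLATE_EXT}").cleanpath
  unless candidate.to_s.start_with?(root.to_s + File::SEPARATOR)
    raise ArgumentError, "template name escapes view root: #{name.inspect}"
  end
  unless template_allowlist(view_root).include?(name)
    raise ArgumentError, "unknown template: #{name.inspect}"
  end
  # realpath also catches a symlink planted inside app/views that points outside it.
  final = candidate.realpath
  unless final.to_s.start_with?(root.to_s + File::SEPARATOR)
    raise ArgumentError, "template resolves outside view root: #{name.inspect}"
  end
  File.read(final)
end

if __FILE__ == $PROGRAM_NAME
  views = build_fixture
  puts render_unrestricted(views, "../../secret.txt")   # leaks db_password=hunter2
  puts render_restricted(views, "pages/about")           # <h1>About</h1>
  begin
    render_restricted(views, "../../secret.txt")
  rescue ArgumentError => e
    puts "blocked: #{e.message}"
  end
end
```

The allowlist is the check that matters in a real controller: rather than sanitising ".." out of user input and hoping no other lookup rule interprets the remainder as a path (the incomplete-fix history of CVE-2016-0752 and this CVE is exactly that trap), map the parameter onto a fixed set of template names and render nothing else.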

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (exploitability 3.9, impact 1.4)

Affected Packages (5 packages; 4 shown)

Ecosystem | Package | Affected range
RubyGems | rails/actionview | introduced 3.0.0, fixed 3.2.22.2 (+1 more range)
Debian | rubyonrails/rails | < 2:4.2.5.2-1 (+3 more)
NVD | rubyonrails/rails | 26 versions (+25 more)
RubyGems | actionpack_project/actionpack | introduced 3.0.0, fixed 3.2.22.2 (+1 more range)

Patches

Vulnerability Details (4)

GHSA: actionview contains Path Traversal vulnerability (2017-10-24)
OSV: actionview contains Path Traversal vulnerability (2017-10-24)
OSV: CVE-2016-2097: Directory traversal vulnerability in Action View in Ruby on Rails before 3... (2016-04-07)
CVEList: CVE-2016-2097: Directory traversal vulnerability in Action View in Ruby on Rails before 3... (2016-04-07)

Vendor Advisories (2)

Red Hat: rubygem-actionpack: directory traversal in Action View, incomplete CVE-2016-0752 fix (2016-02-29)
Debian: CVE-2016-2097: rails - Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.... (2016)

Community (3)

HackerOne: Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View (2016-03-01)
Bugzilla: CVE-2016-2097 rubygem-actionview: rubygem-actionpack: Directory traversal and information leak in Action View [fedora-all] (2016-03-01)
Bugzilla: CVE-2016-2097 rubygem-actionview, rubygem-actionpack: directory traversal in Action View, incomplete CVE-2016-0752 fix (2016-02-19)