CVE-2015-2963 - Vulnerability Details - OpenCVE

The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site scripting (XSS) attacks via a spoofed value, as demonstrated by image/jpeg.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Thoughtbot	Paperclip

Configuration 1 [-]

cpe:2.3:a:thoughtbot:paperclip:*:*:*:*:*:ruby:*:*

No data.

References

Link	Providers
http://jvn.jp/en/jp/JVN83881261/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088
http://openwall.com/lists/oss-security/2015/06/19/3
http://www.securityfocus.com/bid/75304
https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57
https://robots.thoughtbot.com/paperclip-security-release

History

No history.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2015-07-10T17:00:00

Updated: 2024-08-06T05:32:20.697Z

Reserved: 2015-04-07T00:00:00

Link: CVE-2015-2963

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-07-10T17:59:00.093

Modified: 2024-11-21T02:28:24.257

Link: CVE-2015-2963

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-05T00:00:00", "descriptions": [{"lang": "en", "value": "The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site scripting (XSS) attacks via a spoofed value, as demonstrated by image/jpeg."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-01T15:57:02", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "75304", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75304"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://robots.thoughtbot.com/paperclip-security-release"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57"}, {"name": "JVN#83881261", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN83881261/index.html"}, {"name": "JVNDB-2015-000088", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088"}, {"name": "[oss-security] 20150618 Re: CVE request: Content type spoofing in ruby gem paperclip <4.2.2", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2015/06/19/3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2015-2963", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site scripting (XSS) attacks via a spoofed value, as demonstrated by image/jpeg."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "75304", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75304"}, {"name": "https://robots.thoughtbot.com/paperclip-security-release", "refsource": "CONFIRM", "url": "https://robots.thoughtbot.com/paperclip-security-release"}, {"name": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57", "refsource": "CONFIRM", "url": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57"}, {"name": "JVN#83881261", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN83881261/index.html"}, {"name": "JVNDB-2015-000088", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088"}, {"name": "[oss-security] 20150618 Re: CVE request: Content type spoofing in ruby gem paperclip <4.2.2", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2015/06/19/3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:32:20.697Z"}, "title": "CVE Program Container", "references": [{"name": "75304", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/75304"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://robots.thoughtbot.com/paperclip-security-release"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57"}, {"name": "JVN#83881261", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN83881261/index.html"}, {"name": "JVNDB-2015-000088", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088"}, {"name": "[oss-security] 20150618 Re: CVE request: Content type spoofing in ruby gem paperclip <4.2.2", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2015/06/19/3"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2015-2963", "datePublished": "2015-07-10T17:00:00", "dateReserved": "2015-04-07T00:00:00", "dateUpdated": "2024-08-06T05:32:20.697Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thoughtbot:paperclip:*:*:*:*:*:ruby:*:*", "matchCriteriaId": "DE525443-1C61-4909-A20A-38209B765FBE", "versionEndIncluding": "4.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site scripting (XSS) attacks via a spoofed value, as demonstrated by image/jpeg."}, {"lang": "es", "value": "Thoughtbot paperclip gem en versiones anteriores a la 4.2.2 para Ruby no tiene en cuenta el valor de tipo de contenido durante la validaci\u00f3n de tipo de medios, lo que permite a atacantes remotos subir documentos HTML y realizar cross-site scripting (XSS) a trav\u00e9s de un valor suplantado, como se demuestra por la imagen / jpeg."}], "id": "CVE-2015-2963", "lastModified": "2024-11-21T02:28:24.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-07-10T17:59:00.093", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN83881261/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://openwall.com/lists/oss-security/2015/06/19/3"}, {"source": "vultures@jpcert.or.jp", "url": "http://www.securityfocus.com/bid/75304"}, {"source": "vultures@jpcert.or.jp", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://robots.thoughtbot.com/paperclip-security-release"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN83881261/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000088"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://openwall.com/lists/oss-security/2015/06/19/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/75304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/thoughtbot/paperclip/commit/9aee4112f36058cd28d5fe4a006d6981bd1eda57"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://robots.thoughtbot.com/paperclip-security-release"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}