{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-25T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-09T09:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "40561", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/40561/"}, {"name": "openSUSE-SU-2016:0372", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"}, {"name": "openSUSE-SU-2016:0363", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"}, {"name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/01/25/13"}, {"name": "FEDORA-2016-97002ad37b", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html"}, {"name": "SUSE-SU-2016:1146", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"}, {"name": "81801", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/81801"}, {"name": "1034816", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034816"}, {"name": "FEDORA-2016-fa0dec2360", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html"}, {"name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ"}, {"name": "DSA-3464", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3464"}, {"name": "RHSA-2016:0296", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-0752", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "40561", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40561/"}, {"name": "openSUSE-SU-2016:0372", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"}, {"name": "openSUSE-SU-2016:0363", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"}, {"name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/01/25/13"}, {"name": "FEDORA-2016-97002ad37b", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html"}, {"name": "SUSE-SU-2016:1146", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"}, {"name": "81801", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81801"}, {"name": "1034816", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034816"}, {"name": "FEDORA-2016-fa0dec2360", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html"}, {"name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "refsource": "MLIST", "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ"}, {"name": "DSA-3464", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3464"}, {"name": "RHSA-2016:0296", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:30:03.939Z"}, "title": "CVE Program Container", "references": [{"name": "40561", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/40561/"}, {"name": "openSUSE-SU-2016:0372", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"}, {"name": "openSUSE-SU-2016:0363", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"}, {"name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/01/25/13"}, {"name": "FEDORA-2016-97002ad37b", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html"}, {"name": "SUSE-SU-2016:1146", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"}, {"name": "81801", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/81801"}, {"name": "1034816", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034816"}, {"name": "FEDORA-2016-fa0dec2360", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html"}, {"name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ"}, {"name": "DSA-3464", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3464"}, {"name": "RHSA-2016:0296", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T13:26:36.145115Z", "id": "CVE-2016-0752", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-0752"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:26:44.098Z"}}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0752", "datePublished": "2016-02-16T02:00:00.000Z", "dateReserved": "2015-12-16T00:00:00.000Z", "dateUpdated": "2025-02-07T13:26:44.098Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.exploit-db.com/exploits/40561/", "name": "40561", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html", "name": "openSUSE-SU-2016:0372", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html", "name": "openSUSE-SU-2016:0363", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2016/01/25/13", "name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html", "name": "FEDORA-2016-97002ad37b", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html", "name": "SUSE-SU-2016:1146", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/81801", "name": "81801", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1034816", "name": "1034816", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html", "name": "FEDORA-2016-fa0dec2360", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}, {"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ", "name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://www.debian.org/security/2016/dsa-3464", "name": "DSA-3464", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html", "name": "RHSA-2016:0296", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:30:03.939Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2016-0752", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-07T13:26:36.145115Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-0752"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:24:34.486Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-25T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/40561/", "name": "40561", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html", "name": "openSUSE-SU-2016:0372", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html", "name": "openSUSE-SU-2016:0363", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.openwall.com/lists/oss-security/2016/01/25/13", "name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html", "name": "FEDORA-2016-97002ad37b", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html", "name": "SUSE-SU-2016:1146", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.securityfocus.com/bid/81801", "name": "81801", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.securitytracker.com/id/1034816", "name": "1034816", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html", "name": "FEDORA-2016-fa0dec2360", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}, {"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ", "name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://www.debian.org/security/2016/dsa-3464", "name": "DSA-3464", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html", "name": "RHSA-2016:0296", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2017-09-09T09:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/40561/", "name": "40561", "refsource": "EXPLOIT-DB"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html", "name": "openSUSE-SU-2016:0372", "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html", "name": "openSUSE-SU-2016:0363", "refsource": "SUSE"}, {"url": "http://www.openwall.com/lists/oss-security/2016/01/25/13", "name": "[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "refsource": "MLIST"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html", "name": "FEDORA-2016-97002ad37b", "refsource": "FEDORA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html", "name": "SUSE-SU-2016:1146", "refsource": "SUSE"}, {"url": "http://www.securityfocus.com/bid/81801", "name": "81801", "refsource": "BID"}, {"url": "http://www.securitytracker.com/id/1034816", "name": "1034816", "refsource": "SECTRACK"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html", "name": "FEDORA-2016-fa0dec2360", "refsource": "FEDORA"}, {"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ", "name": "[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View", "refsource": "MLIST"}, {"url": "http://www.debian.org/security/2016/dsa-3464", "name": "DSA-3464", "refsource": "DEBIAN"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html", "name": "RHSA-2016:0296", "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-0752", "STATE": "PUBLIC", "ASSIGNER": "secalert@redhat.com"}}}}, "cveMetadata": {"cveId": "CVE-2016-0752", "state": "PUBLISHED", "dateUpdated": "2025-02-07T13:26:44.098Z", "dateReserved": "2015-12-16T00:00:00.000Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2016-02-16T02:00:00.000Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Ruby on Rails Directory Traversal Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*", "matchCriteriaId": "E62190CB-5109-46AA-B58C-B3A11667A0AD", "versionEndExcluding": "3.2.22.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*", "matchCriteriaId": "65BD90F9-5A0C-4A1F-AB48-30FC68A3329F", "versionEndExcluding": "4.1.14.1", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*", "matchCriteriaId": "B405A97A-7C41-4005-8E72-56F632D72B9E", "versionEndExcluding": "4.2.5.1", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "AF8F94CF-D504-4165-A69E-3F1198CB162A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_module_for_containers:12:*:*:*:*:*:*:*", "matchCriteriaId": "E9772014-5321-4AB8-9525-A94797C993B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D7EE4B6-A6EC-4B9B-91DF-79615796673F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en Action View en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 permite a atacantes remotos leer archivos arbitrarios aprovechando el uso no restringido del m\u00e9todo render en una aplicaci\u00f3n y proporcionando un .. (punto punto) en un nombre de ruta."}], "id": "CVE-2016-0752", "lastModified": "2025-02-07T14:15:40.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2016-02-16T02:59:06.783", "references": [{"source": "secalert@redhat.com", "tags": ["Permissions Required"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html"}, {"source": "secalert@redhat.com", "tags": ["Permissions Required"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3464"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2016/01/25/13"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/81801"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1034816"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40561/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3464"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2016/01/25/13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/81801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1034816"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40561/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges John Poulin as the original reporter.", "affected_release": [{"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0296", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-02-24T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-actionpack-1:4.0.2-7.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activerecord-1:4.0.2-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0454", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ror40-rubygem-activesupport-1:4.0.2-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-actionpack-1:3.2.8-16.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activerecord-1:3.2.8-11.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}, {"advisory": "RHSA-2016:0455", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "ruby193-rubygem-activesupport-1:3.2.8-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS", "release_date": "2016-03-15T00:00:00Z"}], "bugzilla": {"description": "rubygem-actionpack: directory traversal flaw in Action View", "id": "1301963", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301963"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-22", "details": ["Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.", "A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code."], "mitigation": {"lang": "en:us", "value": "Avoid passing untrusted input to render method, or verify the input using whitelist before passing it to the render method:\n```\ndef index\nrender verify_template(params[:id])\nend\nprivate\ndef verify_template(name)\n# add verification logic particular to your application here\nend\n```"}, "name": "CVE-2016-0752", "package_state": [{"cpe": "cpe:/a:cloudforms_managementengine:5.2", "fix_state": "Will not fix", "package_name": "ruby193-rubygem-actionpack", "product_name": "CloudForms Management Engine 5.2"}, {"cpe": "cpe:/a:cloudforms_managementengine:5.3", "fix_state": "Will not fix", "package_name": "ruby193-rubygem-actionpack", "product_name": "CloudForms Management Engine 5.3"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Will not fix", "package_name": "ruby193-rubygem-actionpack", "product_name": "Red Hat Subscription Asset Manager"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Will not fix", "package_name": "rubygem-actionpack", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2016-01-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-0752\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-0752\nhttps://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ\nhttps://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Important"}