Arbitrary file existence disclosure in Action Pack
Published: October 30, 2014
SECURITY IDENTIFIERS
- CVE: CVE-2014-7818 (NVD)
- GHSA: GHSA-29gr-w57f-rpfw
- Vendor Advisory: https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo
GEM
FRAMEWORK
SEVERITY
- CVSS v2.0: 4.3 (Medium)
UNAFFECTED VERSIONS
- < 3.0.0
PATCHED VERSIONS
- ~> 3.2.20
- ~> 4.0.11
- ~> 4.1.7
- >= 4.2.0.beta3
DESCRIPTION
Specially crafted requests can be used to determine whether a file exists on the filesystem outside the Rails application's root directory. The files themselves are not served, but an attacker can learn whether or not a given file exists.
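The defensive check this class of issue calls for is to resolve every requested path against the directory the application intends to serve from and refuse anything that lands outside it before touching the filesystem, so that not even an existence check leaks. The following is an added example of such a containment check, not code from Action Pack or the Rails patch; the root directory, the helper names `contained_path` and `file_exists_within?`, and the sample request paths are all constructed for illustration.

```ruby
require "pathname"

# Decode percent-escapes exactly once. A doubly encoded sequence such as
# "%252e" becomes the literal text "%2e" and is treated as an ordinary
# filename character, never as a second-round ".." segment.
def decode_once(str)
  str.gsub(/%([0-9A-Fa-f]{2})/) { $1.hex.chr }
end

# Hypothetical helper: returns the absolute, normalised path for +requested+
# if it lies inside +root+, or nil if it escapes. No filesystem access occurs
# here, so the answer cannot depend on what exists outside the root.
def contained_path(root, requested)
  root = Pathname.new(root).expand_path
  decoded = decode_once(requested.to_s)
  return nil if decoded.include?("\0")          # embedded NUL never names a valid file
  relative = decoded.sub(%r{\A/+}, "")          # join relative to root, never replace it
  candidate = (root + relative).expand_path     # collapses "." and ".." lexically
  inside = candidate == root ||
           candidate.to_s.start_with?(root.to_s + File::SEPARATOR)
  inside ? candidate.to_s : nil
end

# Hypothetical helper: only consults the filesystem once containment is proven,
# so a request for a path outside the root always gets the same answer (false)
# whether or not that outside file exists.
def file_exists_within?(root, requested)
  path = contained_path(root, requested)
  return false if path.nil?
  File.file?(path)
end

if __FILE__ == $PROGRAM_NAME
  root = "/srv/app/public"                      # constructed sample root
  ["/assets/app.css", "/../config.yml", "/assets/..%2F..%2Fconfig.yml",
   "/../public2/x", "/"].each do |req|
    puts "#{req.ljust(30)} -> #{contained_path(root, req).inspect}"
  end
end
```

Note the sibling-directory case (`/../public2/x`): a plain string prefix test would accept `/srv/app/public2/x` as being under `/srv/app/public`, which is why the comparison appends a separator to the root before checking the prefix.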
