RubySec

Providing security resources for the Ruby community

CVE-2015-2963 (paperclip): Paperclip Gem for Ruby vulnerable to content type spoofing

ADVISORIES

GEM

paperclip

SEVERITY

CVSS v2: 4.3

PATCHED VERSIONS

  • >= 4.2.2

DESCRIPTION

There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being image/jpeg, this will bypass a validation checking for images. But it will also pass the spoof check, because a file named .html and containing actual HTML passes the spoof check.