CVE-2016-0752

HIGH7.5⚠ KEVEPSS 90.5%

Directory traversal vulnerability in Action View in Ruby on Rails

Published: 10/24/2017Modified: 4/28/2026Added to CISA KEV: 3/25/2022

Description

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

Affected packages (3)

Debian/railsfrom 0, < 2:4.2.5.1-1
RubyGems/actionpack>= 4.0.0, < 4.1.14.1
RubyGems/actionview>= 4.0.0, < 4.1.14.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H

References (22)

ADVISORYhttps://github.com/advisories/GHSA-xrr4-p6fq-hjg7
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2016-0752
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2016-0752
WEBhttp://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html
WEBhttp://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html
WEBhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
WEBhttp://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html
WEBhttp://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html
WEBhttp://rhn.redhat.com/errata/RHSA-2016-0296.html
WEBhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-0752.yml
WEBhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2016-0752.yml
WEBhttps://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ
WEBhttps://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00
WEBhttps://web.archive.org/web/20210618005620/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ
WEBhttps://web.archive.org/web/20210621170450/http://www.securityfocus.com/bid/81801
WEBhttps://web.archive.org/web/20210723192420/http://www.securitytracker.com/id/1034816
WEBhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0752
WEBhttps://www.exploit-db.com/exploits/40561
WEBhttp://www.debian.org/security/2016/dsa-3464
WEBhttp://www.openwall.com/lists/oss-security/2016/01/25/13
WEBhttp://www.securityfocus.com/bid/81801
WEBhttp://www.securitytracker.com/id/1034816