CVE-2016-0752: Ruby on Rails Directory Traversal Vulnerability
First published: Tue Feb 16 2016(Updated: )
Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| rubygems/actionpack | <3.2.22.1 | 3.2.22.1 |
| rubygems/actionpack | >=4.2.0<=4.2.5.0 | 4.2.5.1 |
| rubygems/actionpack | >=4.0.0<=4.1.14.0 | 4.1.14.1 |
| rubygems/actionview | >=4.2.0<=4.2.5.0 | 4.2.5.1 |
| rubygems/actionview | >=4.0.0<=4.1.14.0 | 4.1.14.1 |
| Ruby on Rails | ||
| Ruby on Rails | =4.0.0 | |
| Ruby on Rails | =4.0.0-beta | |
| Ruby on Rails | =4.0.0-rc1 | |
| Ruby on Rails | =4.0.0-rc2 | |
| Ruby on Rails | =4.0.1 | |
| Ruby on Rails | =4.0.1-rc1 | |
| Ruby on Rails | =4.0.1-rc2 | |
| Ruby on Rails | =4.0.1-rc3 | |
| Ruby on Rails | =4.0.1-rc4 | |
| Ruby on Rails | =4.0.2 | |
| Ruby on Rails | =4.0.3 | |
| Ruby on Rails | =4.0.4 | |
| Ruby on Rails | =4.0.5 | |
| Ruby on Rails | =4.0.6 | |
| Ruby on Rails | =4.0.6-rc1 | |
| Ruby on Rails | =4.0.6-rc2 | |
| Ruby on Rails | =4.0.6-rc3 | |
| Ruby on Rails | =4.0.7 | |
| Ruby on Rails | =4.0.8 | |
| Ruby on Rails | =4.0.9 | |
| Ruby on Rails | =4.0.10-rc1 | |
| Ruby on Rails | =4.1.0 | |
| Ruby on Rails | =4.1.0-beta1 | |
| Ruby on Rails | =4.1.1 | |
| Ruby on Rails | =4.1.2 | |
| Ruby on Rails | =4.1.2-rc1 | |
| Ruby on Rails | =4.1.2-rc2 | |
| Ruby on Rails | =4.1.2-rc3 | |
| Ruby on Rails | =4.1.3 | |
| Ruby on Rails | =4.1.4 | |
| Ruby on Rails | =4.1.5 | |
| Ruby on Rails | =4.1.6-rc1 | |
| Ruby on Rails | =4.1.7 | |
| Ruby on Rails | =4.1.8 | |
| Ruby on Rails | =4.1.9 | |
| Ruby on Rails | =4.1.10 | |
| Ruby on Rails | =4.1.12 | |
| Ruby on Rails | =4.1.13 | |
| Ruby on Rails | =4.1.14 | |
| Ruby on Rails | =4.2.0-beta1 | |
| Ruby on Rails | =4.2.1 | |
| Ruby on Rails | =4.2.2 | |
| Ruby on Rails | =4.2.3 | |
| Ruby on Rails | =4.2.3-rc1 | |
| Ruby on Rails | =4.2.4 | |
| Ruby on Rails | =4.2.4-rc1 | |
| Ruby on Rails | =4.2.5 | |
| Ruby on Rails | =4.2.5-rc1 | |
| Ruby on Rails | =4.2.5-rc2 | |
| Ruby on Rails | =5.0.0-beta1 | |
| Ruby on Rails | <=3.2.22 | |
| Ruby on Rails | =4.1.11 | |
| Ruby on Rails | <3.2.22.1 | |
| Ruby on Rails | >=4.0.0<4.1.14.1 | |
| Ruby on Rails | >=4.2.0<4.2.5.1 | |
| SUSE Linux | =42.1 | |
| openSUSE | =13.2 | |
| SUSE Linux Enterprise Module for Containers | =12 | |
| Debian Linux | =8.0 | |
| Red Hat Software Collections | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
- http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html
- http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html
- http://rhn.redhat.com/errata/RHSA-2016-0296.html
- http://www.debian.org/security/2016/dsa-3464
- http://www.openwall.com/lists/oss-security/2016/01/25/13
- http://www.securityfocus.com/bid/81801
- http://www.securitytracker.com/id/1034816
- https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ
- https://www.exploit-db.com/exploits/40561/
- https://nvd.nist.gov/vuln/detail/CVE-2016-0752
- https://github.com/advisories/GHSA-xrr4-p6fq-hjg7 (Advisory)
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-0752.yml
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2016-0752.yml
- https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00
- https://web.archive.org/web/20210618005620/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ
- https://web.archive.org/web/20210621170450/http://www.securityfocus.com/bid/81801
- https://web.archive.org/web/20210723192420/http://www.securitytracker.com/id/1034816
- https://www.exploit-db.com/exploits/40561
Frequently Asked Questions
What is the severity of CVE-2016-0752?
The vulnerability CVE-2016-0752 is classified as a high severity issue due to its potential for file reading exploitation.
How do I fix CVE-2016-0752?
To fix CVE-2016-0752, upgrade Action View to version 3.2.22.1 or later, and also update Action Pack to the corresponding secure versions.
What software is affected by CVE-2016-0752?
CVE-2016-0752 affects Ruby on Rails versions prior to 3.2.22.1, 4.0.x prior to 4.1.14.1, 4.1.x prior to 4.1.14.1, 4.2.x prior to 4.2.5.1, and 5.x prior to 5.0.0.beta1.1.
Can CVE-2016-0752 be exploited remotely?
Yes, CVE-2016-0752 can be exploited remotely, allowing attackers to read arbitrary files on the server.
What technical details are associated with CVE-2016-0752?
CVE-2016-0752 is a directory traversal vulnerability that allows unauthorized file access through improperly validated paths in Action View.
- agent/type
- agent/title
- agent/weakness
- agent/description
- agent/author
- agent/severity
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-xrr4-p6fq-hjg7
- alias/CVE-2016-0752
- agent/software-canonical-lookup
- agent/references
- collector/github-advisory
- agent/first-publish-date
- agent/trending
- agent/source
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-index
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- package-manager/rubygems
- vendor/rails
- canonical/ruby on rails
- vendor/rubyonrails
- version/ruby on rails/4.0.0
- version/ruby on rails/4.0.0-beta
- version/ruby on rails/4.0.0-rc1
- version/ruby on rails/4.0.0-rc2
- version/ruby on rails/4.0.1
- version/ruby on rails/4.0.1-rc1
- version/ruby on rails/4.0.1-rc2
- version/ruby on rails/4.0.1-rc3
- version/ruby on rails/4.0.1-rc4
- version/ruby on rails/4.0.2
- version/ruby on rails/4.0.3
- version/ruby on rails/4.0.4
- version/ruby on rails/4.0.5
- version/ruby on rails/4.0.6
- version/ruby on rails/4.0.6-rc1
- version/ruby on rails/4.0.6-rc2
- version/ruby on rails/4.0.6-rc3
- version/ruby on rails/4.0.7
- version/ruby on rails/4.0.8
- version/ruby on rails/4.0.9
- version/ruby on rails/4.0.10-rc1
- version/ruby on rails/4.1.0
- version/ruby on rails/4.1.0-beta1
- version/ruby on rails/4.1.1
- version/ruby on rails/4.1.2
- version/ruby on rails/4.1.2-rc1
- version/ruby on rails/4.1.2-rc2
- version/ruby on rails/4.1.2-rc3
- version/ruby on rails/4.1.3
- version/ruby on rails/4.1.4
- version/ruby on rails/4.1.5
- version/ruby on rails/4.1.6-rc1
- version/ruby on rails/4.1.7
- version/ruby on rails/4.1.8
- version/ruby on rails/4.1.9
- version/ruby on rails/4.1.10
- version/ruby on rails/4.1.12
- version/ruby on rails/4.1.13
- version/ruby on rails/4.1.14
- version/ruby on rails/4.2.0-beta1
- version/ruby on rails/4.2.1
- version/ruby on rails/4.2.2
- version/ruby on rails/4.2.3
- version/ruby on rails/4.2.3-rc1
- version/ruby on rails/4.2.4
- version/ruby on rails/4.2.4-rc1
- version/ruby on rails/4.2.5
- version/ruby on rails/4.2.5-rc1
- version/ruby on rails/4.2.5-rc2
- version/ruby on rails/5.0.0-beta1
- version/ruby on rails/3.2.22
- version/ruby on rails/4.1.11
- version/ruby on rails/4.2.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- canonical/opensuse
- version/opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise module for containers
- version/suse linux enterprise module for containers/12
- vendor/debian
- canonical/debian linux
- version/debian linux/8.0
- vendor/redhat
- canonical/red hat software collections
- version/red hat software collections/1.0