Sha256: 8a37de14ca5fdcae277b82ec3f3f4679e43f5843d310b1e73c39384da0a7b96e
Contents?: true
Size: 599 Bytes
Versions: 6
Compression:
Stored size: 599 Bytes
Contents
--- gem: actionpack framework: rails cve: 2014-7818 url: https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo title: Arbitrary file existence disclosure in Action Pack date: 2014-10-30 description: | Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether or not the file exists. cvss_v2: 4.3 unaffected_versions: - "< 3.0.0" patched_versions: - ~> 3.2.20 - ~> 4.0.11 - ~> 4.1.7 - ">= 4.2.0.beta3"
Version data entries
6 entries across 6 versions & 2 rubygems