Sha256: e19bf1902a7a5e3f844c5568afe0e7bfd293f4f06275e000fa0c152a5a1ee4ed

Contents?: true

Size: 504 Bytes

Versions: 9

Compression:

Stored size: 504 Bytes

Contents

---
gem: paperclip
osvdb: 103151
url: http://osvdb.org/show/osvdb/103151
title: Paperclip Gem for Ruby contains a flaw
date: 2014-01-31
description: Paperclip Gem for Ruby contains a flaw that is due to the application failing to properly
  validate the file extension, instead only validating the Content-Type header during file uploads.
  This may allow a remote attacker to bypass restrictions on file types for uploaded files by
  spoofing the content-type.
cvss_v2:
patched_versions:
  - ">= 4.0.0"

Version data entries

9 entries across 9 versions & 3 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/paperclip/OSVDB-103151.yml