5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.011 Low
EPSS
Percentile
84.3%
Package : ruby-actionpack-3.2
Version : 3.2.6-6+deb7u3
CVE ID : CVE-2015-7576 CVE-2016-0751 CVE-2016-0752 CVE-2016-2097
CVE-2016-2098 CVE-2016-6316
Multiple vulnerabilities have been discovered in ruby-actionpack-3.2, a
web-flow and rendering framework and part of Rails:
CVE-2015-7576
A flaw was found in the way the Action Controller component compared
user names and passwords when performing HTTP basic
authentication. Time taken to compare strings could differ depending
on input, possibly allowing a remote attacker to determine valid user
names and passwords using a timing attack.
CVE-2016-0751
A flaw was found in the way the Action Pack component performed MIME
type lookups. Since queries were cached in a global cache of MIME
types, an attacker could use this flaw to grow the cache indefinitely,
potentially resulting in a denial of service.
CVE-2016-0752
A directory traversal flaw was found in the way the Action View
component searched for templates for rendering. If an application
passed untrusted input to the 'render' method, a remote,
unauthenticated attacker could use this flaw to render unexpected
files and, possibly, execute arbitrary code.
CVE-2016-2097
Crafted requests to Action View might result in rendering files from
arbitrary locations, including files beyond the application's view
directory. This vulnerability is the result of an incomplete fix of
CVE-2016-0752. This bug was found by Jyoti Singh and Tobias Kraze
from Makandra.
CVE-2016-2098
If a web applications does not properly sanitize user inputs, an
attacker might control the arguments of the render method in a
controller or a view, resulting in the possibility of executing
arbitrary ruby code. This bug was found by Tobias Kraze from
Makandra and joernchen of Phenoelit.
CVE-2016-6316
Andrew Carpenter of Critical Juncture discovered a cross-site
scripting vulnerability affecting Action View. Text declared as "HTML
safe" will not have quotes escaped when used as attribute values in
tag helpers.
For Debian 7 "Wheezy", these problems have been fixed in version
3.2.6-6+deb7u3.
We recommend that you upgrade your ruby-actionpack-3.2 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | all | ruby-actionpack | < 2:4.1.8-1+deb8u2 | ruby-actionpack_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-actionview | < 2:4.1.8-1+deb8u2 | ruby-actionview_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-activerecord | < 2:4.1.8-1+deb8u2 | ruby-activerecord_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-activesupport-2.3 | < 2:4.1.8-1+deb8u2 | ruby-activesupport-2.3_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | rails | < 2:4.1.8-1+deb8u2 | rails_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-activemodel | < 2:4.1.8-1+deb8u2 | ruby-activemodel_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-railties | < 2:4.1.8-1+deb8u2 | ruby-railties_2:4.1.8-1+deb8u2_all.deb |
Debian | 7 | all | ruby-actionpack-3.2 | < 3.2.6-6+deb7u3 | ruby-actionpack-3.2_3.2.6-6+deb7u3_all.deb |
Debian | 8 | all | ruby-activesupport | < 2:4.1.8-1+deb8u2 | ruby-activesupport_2:4.1.8-1+deb8u2_all.deb |
Debian | 8 | all | ruby-rails | < 2:4.1.8-1+deb8u2 | ruby-rails_2:4.1.8-1+deb8u2_all.deb |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.011 Low
EPSS
Percentile
84.3%