Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-3760
HistoryJun 26, 2018 - 7:29 p.m.

Information disclosure

2018-06-2619:29:00
PRIOn knowledge base
www.prio-n.com
3

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application’s root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

Related

openvas 8
fedora 2
veracode 2
cvelist 1
nessus 8
osv 3
hackerone 1
nuclei 1
nvd 1
debian 3
suse 2
ubuntucve 1
redhat 4
cve 1
redhatcve 1
seebug 1
github 1
debiancve 1
openvas
openvas
Debian: Security Advisory (DSA-4242-1)
2018-07-08 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-fd29597fa4
2018-07-15 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-2735a12b72
2018-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sprockets-3.7.2-1.fc27
2018-07-14 23:36:29
[SECURITY] Fedora 28 Update: rubygem-sprockets-3.7.2-1.fc28
2018-07-15 03:33:48
veracode
veracode
Directory Traversal
2018-06-20 08:36:16
Directory Traversal
2019-01-15 09:24:20
cvelist
cvelist
CVE-2018-3760
2018-06-19 00:00:00
nessus
nessus
openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
2018-07-30 00:00:00
Fedora 27 : rubygem-sprockets (2018-fd29597fa4)
2018-07-24 00:00:00
openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)
2019-03-27 00:00:00
osv
osv
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
ruby-sprockets - security update
2018-07-09 00:00:00
ruby-sprockets - security update
2018-07-12 00:00:00
hackerone
hackerone
Ruby on Rails: Path Traversal on Default Installed Rails Application (Asset Pipeline)
2018-01-22 10:42:20
nuclei
nuclei
Ruby On Rails - Local File Inclusion
2020-04-05 18:01:09
nvd
nvd
CVE-2018-3760
2018-06-26 19:29:00
debian
debian
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DLA-1419-1] ruby-sprockets security update
2018-07-12 09:30:56
suse
suse
Security update for rubygem-sprockets (important)
2018-06-29 21:15:11
Security update for rubygem-sprockets (moderate)
2018-07-28 16:02:02
ubuntucve
ubuntucve
CVE-2018-3760
2018-06-26 00:00:00
redhat
redhat
(RHSA-2018:2244) Important: rh-ror42-rubygem-sprockets security update
2018-07-24 07:16:08
(RHSA-2018:2245) Important: rh-ror50-rubygem-sprockets security update
2018-07-24 07:16:12
(RHSA-2018:2745) Important: CloudForms 4.5.5 security, bug fix and enhancement update
2018-09-26 18:25:56
cve
cve
CVE-2018-3760
2018-06-26 19:29:00
redhatcve
redhatcve
CVE-2018-3760
2019-10-09 16:26:49
seebug
seebug
Ruby on Rails θ·―εΎ„η©ΏθΆŠδΈŽδ»»ζ„ζ–‡δ»Άθ―»ε–ζΌζ΄ž(CVE-2018-3760)εˆ†ζž
2018-08-08 00:00:00
github
github
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
debiancve
debiancve
CVE-2018-3760
2018-06-26 19:29:00

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON
Related for PRION:CVE-2018-3760
openvas8fedora2veracode2cvelist1nessus8osv3hackerone1nuclei1nvd1debian3suse2ubuntucve1redhat4cve1redhatcve1seebug1github1debiancve1