Lucene search
RedHatRHSA-2018:2245HistoryJul 24, 2018 - 7:16 a.m.
(RHSA-2018:2245) Important: rh-ror50-rubygem-sprockets security update
2018-07-2407:16:12
access.redhat.com
52
0.023 Low
EPSS
Percentile
89.7%
Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as well as a powerful preprocessor pipeline that allows to write assets in languages like CoffeeScript, Sass and SCSS.
Security Fix(es):
- rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files (CVE-2018-3760)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | rh-ror50-rubygem-sprockets-doc | <Β 3.7.1-2.el7 | rh-ror50-rubygem-sprockets-doc-3.7.1-2.el7.noarch.rpm |
| RedHat | 6 | noarch | rh-ror50-rubygem-sprockets | <Β 3.7.1-2.el6 | rh-ror50-rubygem-sprockets-3.7.1-2.el6.noarch.rpm |
| RedHat | 7 | noarch | rh-ror50-rubygem-sprockets | <Β 3.7.1-2.el7 | rh-ror50-rubygem-sprockets-3.7.1-2.el7.noarch.rpm |
| RedHat | 6 | noarch | rh-ror50-rubygem-sprockets-doc | <Β 3.7.1-2.el6 | rh-ror50-rubygem-sprockets-doc-3.7.1-2.el6.noarch.rpm |
Related
hackerone
hackerone
nuclei
nuclei
Ruby On Rails - Local File Inclusion
2020-04-05 18:01:09
nvd
nvd
CVE-2018-3760
2018-06-26 19:29:00
openvas
openvas
Fedora Update for rubygem-sprockets FEDORA-2018-fd29597fa4
2018-07-15 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-2735a12b72
2018-07-15 00:00:00
Debian: Security Advisory (DSA-4242-1)
2018-07-08 00:00:00
debian
debian
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DLA-1419-1] ruby-sprockets security update
2018-07-12 09:30:56
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sprockets-3.7.2-1.fc27
2018-07-14 23:36:29
[SECURITY] Fedora 28 Update: rubygem-sprockets-3.7.2-1.fc28
2018-07-15 03:33:48
veracode
veracode
Directory Traversal
2018-06-20 08:36:16
Directory Traversal
2019-01-15 09:24:20
cvelist
cvelist
CVE-2018-3760
2018-06-19 00:00:00
nessus
nessus
openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
2018-07-30 00:00:00
Fedora 27 : rubygem-sprockets (2018-fd29597fa4)
2018-07-24 00:00:00
openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)
2019-03-27 00:00:00
osv
osv
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
ruby-sprockets - security update
2018-07-09 00:00:00
ruby-sprockets - security update
2018-07-12 00:00:00
suse
suse
Security update for rubygem-sprockets (important)
2018-06-29 21:15:11
Security update for rubygem-sprockets (moderate)
2018-07-28 16:02:02
ubuntucve
ubuntucve
CVE-2018-3760
2018-06-26 00:00:00
redhat
redhat
cve
cve
CVE-2018-3760
2018-06-26 19:29:00
redhatcve
redhatcve
CVE-2018-3760
2019-10-09 16:26:49
seebug
seebug
Ruby on Rails θ·―εΎη©ΏθΆδΈδ»»ζζδ»Άθ―»εζΌζ΄(CVE-2018-3760)εζ
2018-08-08 00:00:00
prion
prion
Information disclosure
2018-06-26 19:29:00
github
github
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
debiancve
debiancve
CVE-2018-3760
2018-06-26 19:29:00