9 matches found
Path Traversal
Active Storage is vulnerable to Path Traversal. The vulnerability is due to Active Storage's DiskServicepathfor not validating that the resolved filesystem path remains within the storage root directory, where a blob key containing path traversal sequences e.g. ../ could allow reading, writing, o...
SUSE CVE-2026-33195
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...
Linux Distros Unpatched Vulnerability : CVE-2026-33202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's...
DEBIAN-CVE-2026-33195
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...
CVE-2026-33195
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...
CVE-2026-33195 Rails Active Storage has possible Path Traversal in DiskService
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path...
Rails Active Storage has possible Path Traversal in DiskService
Impact Active Storage's DiskServicepathfor does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences e.g. ../ is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are...
PT-2026-27263
Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage enables users to attach cloud and local files within Rails applications. A flaw exists in the DiskServicedelete prefixed...
Ruby on Rails: ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService
ActiveStorage tries to force content-disposition: attachment for a list of content-types, including text/html. However, response-content-type and response-content-disposition in GCS and DiskService's URLs aren't signed, which means an attacker can modify them at will. This is not the case for Azu...