6 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-8159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in actionpackpage-caching gem v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote...
Debian DLA-2719-1 : ruby-actionpack-page-caching - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2719 advisory. - There is a vulnerability in actionpackpage-caching gem v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code...
Debian: Security Advisory (DLA-2719-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2020-8159
There is a vulnerability in actionpackpage-caching gem v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view...
UBUNTU-CVE-2020-8159
There is a vulnerability in actionpackpage-caching gem v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view...
Arbitrary File Write
Overview actionpack-pagecaching is a static page caching library for Action Pack. Affected versions of this package are vulnerable to Arbitrary File Write. It is possible for an attacker to write unescaped ERB to a view, and therefore write arbitrary files to a web server, potentially resulting i...