Lucene search
K

24 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/03/18 12:0 a.m.4 views

ruby4.0-rubygem-sprockets-4.2.1-1.9 on GA media (moderate)

ruby4.0-rubygem-sprockets-4.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10364-1 Rating: moderate Cross-References: CVE-2018-3760 CVSS scores: CVE-2018-3760 SUSE : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one...

7.5CVSS7.1AI score0.26717EPSS
Exploits2
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/18 12:0 a.m.4 views

ruby4.0-rubygem-sprockets-3.7-3.7.5-1.5 on GA media (moderate)

ruby4.0-rubygem-sprockets-3.7-3.7.5-1.5 on GA media Announcement ID: openSUSE-SU-2026:10365-1 Rating: moderate Cross-References: CVE-2018-3760 CVSS scores: CVE-2018-3760 SUSE : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one...

7.5CVSS7.1AI score0.26717EPSS
Exploits2
OPENSUSE Linux
OPENSUSE Linux
added 2025/05/18 12:0 a.m.8 views

ruby3.4-rubygem-sprockets-4.2.1-1.7 on GA media (moderate)

ruby3.4-rubygem-sprockets-4.2.1-1.7 on GA media Announcement ID: openSUSE-SU-2025:15127-1 Rating: moderate Cross-References: CVE-2018-3760 CVSS scores: CVE-2018-3760 SUSE : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one...

7.5CVSS7.3AI score0.26717EPSS
Exploits2
OPENSUSE Linux
OPENSUSE Linux
added 2025/05/18 12:0 a.m.6 views

ruby3.4-rubygem-sprockets-3.7-3.7.5-1.3 on GA media (moderate)

ruby3.4-rubygem-sprockets-3.7-3.7.5-1.3 on GA media Announcement ID: openSUSE-SU-2025:15128-1 Rating: moderate Cross-References: CVE-2018-3760 CVSS scores: CVE-2018-3760 SUSE : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one...

7.5CVSS7.3AI score0.26717EPSS
Exploits2
Circl
Circl
added 2024/12/23 12:0 a.m.64 views

CVE-2018-3760

creationtimestamp| type| source ---|---|--- 2024-12-23 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-23 2024-12-24 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-24 2024-12-29 00:00:00+00:00| seen| The Shadowserver...

7.5CVSS7.1AI score0.26717EPSS
In wildExploits2References3
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.22 views

RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory. Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as...

7.5CVSS7.5AI score0.26717EPSS
Exploits2References4
GithubExploit
GithubExploit
added 2019/10/21 2:15 p.m.9 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Redhat Cloudforms

CVE-2018-3760 Rails Asset Pipeline Directory Traversal Vuln...

7.5CVSS5.8AI score0.26717EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.34 views

openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)

This update for rubygem-sprockets fixes the following issues : The following security vulnerability was addressed : - CVE-2018-3760: Fixed a path traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files bsc1098369 This update was imported fr...

7.5CVSS7.6AI score0.26717EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.15 views

openSUSE: Security Advisory for rubygem-sprockets (openSUSE-SU-2018:2124-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.26717EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2018/09/26 6:36 p.m.44 views

Important: Red Hat Security Advisory: CloudForms 4.5.5 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS7.5AI score0.26717EPSS
Exploits2References28
seebug.org
seebug.org
added 2018/08/08 12:0 a.m.813 views

Ruby on Rails 路径穿越与任意文件读取漏洞(CVE-2018-3760)分析

漏洞公告 该漏洞由安全研究人员 Orange Tsai发现。漏洞公告来自 https://groups.google.com/forum/!topic/rubyonrails-security/ftJ--l55fM There is an information leak vulnerability in Sprockets. This vulnerability has been assigned the CVE identifier CVE-2018-3760. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower,...

7.6AI score0.26717EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/07/30 12:0 a.m.39 views

openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)

This update for rubygem-sprockets fixes the following issues : The following security vulnerability was addressed : - CVE-2018-3760: Fixed a path traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files bsc1098369 This update was imported fr...

7.5CVSS7.6AI score0.26717EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2018/07/24 7:47 a.m.78 views

Important: Red Hat Security Advisory: rh-ror50-rubygem-sprockets security update

An update for rh-ror50-rubygem-sprockets is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.3AI score0.26717EPSS
Exploits2References2
OSV
OSV
added 2018/07/19 7:35 a.m.9 views

SUSE-SU-2018:1994-1 Security update for rubygem-sprockets

This update for rubygem-sprockets fixes the following issues: The following security vulnerability was addressed: - CVE-2018-3760: Fixed a path traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files bsc1098369...

7.5CVSS7.3AI score0.26717EPSS
Exploits2References3
Debian
Debian
added 2018/07/12 9:30 a.m.34 views

[SECURITY] [DLA-1419-1] ruby-sprockets security update

Package : ruby-sprockets Version : 2.12.3-1+deb8u1 CVE IDs : CVE-2018-3760 Debian Bug : 901913 It was discovered that there was a discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker could take advantage of this flaw to read arbitrary files...

7.5CVSS7.6AI score0.26717EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/07/10 12:0 a.m.42 views

Debian DSA-4242-1 : ruby-sprockets - security update

Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production. C...

7.5CVSS7.7AI score0.26717EPSS
Exploits2References5
Debian
Debian
added 2018/07/09 9:6 p.m.33 views

[SECURITY] [DSA 4242-1] ruby-sprockets security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4242-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 09, 2018 https://www.debian.org/security/faq -...

5CVSS2.3AI score0.26717EPSS
Exploits2
Debian
Debian
added 2018/07/09 9:6 p.m.28 views

[SECURITY] [DSA 4242-1] ruby-sprockets security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4242-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 09, 2018 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.26717EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/07/02 12:0 a.m.30 views

openSUSE Security Update : rubygem-sprockets (openSUSE-2018-686)

This update for rubygem-sprockets fixes the following issues : The following security vulnerability was addressed : - CVE-2018-3760: Fixed a directory traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files via specially crafted requests...

7.5CVSS7.6AI score0.26717EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2018/06/30 12:0 a.m.19 views

openSUSE: Security Advisory for rubygem-sprockets (openSUSE-SU-2018:1854-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.26717EPSS
Exploits2References2
Rows per page
Query Builder