SUSE CVE-2014-0130

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...

VulnCheck KEV: CVE-2014-0130

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request...

actionpack Path Traversal vulnerability

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...

[oss-security] [CVE-2014-0130] Directory Traversal Vulnerability With Certain Route Configurations

There is a vulnerability in the 'implicit render' functionality in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0130. Versions Affected: All Supported Not affected: None Fixed Versions: 4.1.1, 4.0.5, 3.2.18 Impact ------ The implicit render functionality allows...

UBUNTU-CVE-2014-0130

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...

PT-2014-3491 · Ruby +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 3.2.18 Ruby on Rails versions 4.0.x prior to 4.0.5 Ruby on Rails versions 4.1.x prior to 4.1.1 Description: The issue allows remote attackers to read arbitrary files via a crafted request, due to a directory...

Directory Traversal Vulnerability With Certain Route Configurations

There is a vulnerability in the 'implicit render' functionality in Ruby on Rails.The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow a...