Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2018:1854-1
HistoryJun 29, 2018 - 9:15 p.m.

Security update for rubygem-sprockets (important)

2018-06-2921:15:11
lists.opensuse.org
50

0.023 Low

EPSS

Percentile

89.7%

JSON

This update for rubygem-sprockets fixes the following issues:

The following security vulnerability was addressed:

  • CVE-2018-3760: Fixed a directory traversal issue in
    sprockets/server.rb:forbidden_request?(), which allowed remote attackers
    to read arbitrary files via specially crafted requests. (boo#1098369)
OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3x86_64ruby2.3-rubygem-sprockets-doc<Β 3.3.5-5.3.1ruby2.3-rubygem-sprockets-doc-3.3.5-5.3.1.x86_64.rpm
openSUSE Leap42.3x86_64ruby2.1-rubygem-sprockets-doc<Β 3.3.5-5.3.1ruby2.1-rubygem-sprockets-doc-3.3.5-5.3.1.x86_64.rpm
openSUSE Leap42.3i586ruby2.1-rubygem-sprockets-doc<Β 3.3.5-5.3.1ruby2.1-rubygem-sprockets-doc-3.3.5-5.3.1.i586.rpm
openSUSE Leap42.3x86_64ruby2.2-rubygem-sprockets<Β 3.3.5-5.3.1ruby2.2-rubygem-sprockets-3.3.5-5.3.1.x86_64.rpm
openSUSE Leap42.3i586ruby2.3-rubygem-sprockets-doc<Β 3.3.5-5.3.1ruby2.3-rubygem-sprockets-doc-3.3.5-5.3.1.i586.rpm
openSUSE Leap42.3x86_64ruby2.3-rubygem-sprockets<Β 3.3.5-5.3.1ruby2.3-rubygem-sprockets-3.3.5-5.3.1.x86_64.rpm
openSUSE Leap42.3i586ruby2.3-rubygem-sprockets<Β 3.3.5-5.3.1ruby2.3-rubygem-sprockets-3.3.5-5.3.1.i586.rpm
openSUSE Leap42.3i586ruby2.2-rubygem-sprockets<Β 3.3.5-5.3.1ruby2.2-rubygem-sprockets-3.3.5-5.3.1.i586.rpm
openSUSE Leap42.3i586ruby2.1-rubygem-sprockets<Β 3.3.5-5.3.1ruby2.1-rubygem-sprockets-3.3.5-5.3.1.i586.rpm
openSUSE Leap42.3i586ruby2.4-rubygem-sprockets-doc<Β 3.3.5-5.3.1ruby2.4-rubygem-sprockets-doc-3.3.5-5.3.1.i586.rpm
Rows per page:
1-10 of 161

Related

hackerone 1
nuclei 1
nvd 1
openvas 8
debian 3
fedora 2
veracode 2
cvelist 1
nessus 8
osv 3
ubuntucve 1
cve 1
suse 1
redhatcve 1
seebug 1
redhat 4
prion 1
github 1
debiancve 1
hackerone
hackerone
Ruby on Rails: Path Traversal on Default Installed Rails Application (Asset Pipeline)
2018-01-22 10:42:20
nuclei
nuclei
Ruby On Rails - Local File Inclusion
2020-04-05 18:01:09
nvd
nvd
CVE-2018-3760
2018-06-26 19:29:00
openvas
openvas
Fedora Update for rubygem-sprockets FEDORA-2018-fd29597fa4
2018-07-15 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-2735a12b72
2018-07-15 00:00:00
Debian: Security Advisory (DSA-4242-1)
2018-07-08 00:00:00
debian
debian
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DLA-1419-1] ruby-sprockets security update
2018-07-12 09:30:56
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sprockets-3.7.2-1.fc27
2018-07-14 23:36:29
[SECURITY] Fedora 28 Update: rubygem-sprockets-3.7.2-1.fc28
2018-07-15 03:33:48
veracode
veracode
Directory Traversal
2018-06-20 08:36:16
Directory Traversal
2019-01-15 09:24:20
cvelist
cvelist
CVE-2018-3760
2018-06-19 00:00:00
nessus
nessus
openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
2018-07-30 00:00:00
openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)
2019-03-27 00:00:00
Fedora 27 : rubygem-sprockets (2018-fd29597fa4)
2018-07-24 00:00:00
osv
osv
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
ruby-sprockets - security update
2018-07-09 00:00:00
ruby-sprockets - security update
2018-07-12 00:00:00
ubuntucve
ubuntucve
CVE-2018-3760
2018-06-26 00:00:00
cve
cve
CVE-2018-3760
2018-06-26 19:29:00
suse
suse
Security update for rubygem-sprockets (moderate)
2018-07-28 16:02:02
redhatcve
redhatcve
CVE-2018-3760
2019-10-09 16:26:49
seebug
seebug
Ruby on Rails θ·―εΎ„η©ΏθΆŠδΈŽδ»»ζ„ζ–‡δ»Άθ―»ε–ζΌζ΄ž(CVE-2018-3760)εˆ†ζž
2018-08-08 00:00:00
redhat
redhat
(RHSA-2018:2244) Important: rh-ror42-rubygem-sprockets security update
2018-07-24 07:16:08
(RHSA-2018:2245) Important: rh-ror50-rubygem-sprockets security update
2018-07-24 07:16:12
(RHSA-2018:2745) Important: CloudForms 4.5.5 security, bug fix and enhancement update
2018-09-26 18:25:56
prion
prion
Information disclosure
2018-06-26 19:29:00
github
github
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
debiancve
debiancve
CVE-2018-3760
2018-06-26 19:29:00

0.023 Low

EPSS

Percentile

89.7%

JSON
Related for OPENSUSE-SU-2018:1854-1
hackerone1nuclei1nvd1openvas8debian3fedora2veracode2cvelist1nessus8osv3ubuntucve1cve1suse1redhatcve1seebug1redhat4prion1github1debiancve1