Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x prior to 3.2.21, 4.0.x prior to 4.0.12, 4.1.x prior to 4.1.8, and 4.2.x prior to 4.2.0.beta4, when serve_static_assets is enabled, allows remote malicious users to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
rubyonrails rails 3.0.0 |
||
rubyonrails rails 3.0.1 |
||
rubyonrails rails 3.0.10 |
||
rubyonrails rails 3.0.14 |
||
rubyonrails rails 3.0.16 |
||
rubyonrails ruby on rails 3.0.4 |
||
rubyonrails rails 3.0.4 |
||
rubyonrails rails 3.0.7 |
||
rubyonrails rails 3.0.9 |
||
rubyonrails rails 3.1.0 |
||
rubyonrails rails 3.1.1 |
||
rubyonrails rails 3.1.4 |
||
rubyonrails rails 3.1.5 |
||
rubyonrails rails 3.2.0 |
||
rubyonrails rails 3.2.15 |
||
rubyonrails rails 3.2.16 |
||
rubyonrails rails 3.2.3 |
||
rubyonrails rails 4.0.0 |
||
rubyonrails rails 4.0.1 |
||
rubyonrails rails 4.0.10 |
||
rubyonrails rails 4.0.6 |
||
rubyonrails rails 4.0.7 |
||
rubyonrails rails 4.1.1 |
||
rubyonrails rails 4.1.2 |
||
rubyonrails rails 4.1.6 |
||
rubyonrails rails 3.0.12 |
||
rubyonrails rails 3.0.2 |
||
rubyonrails rails 3.0.5 |
||
rubyonrails rails 3.0.6 |
||
rubyonrails rails 3.0.8 |
||
rubyonrails rails 3.1.2 |
||
rubyonrails rails 3.1.7 |
||
rubyonrails rails 3.1.8 |
||
rubyonrails rails 3.2.11 |
||
rubyonrails rails 3.2.12 |
||
rubyonrails ruby on rails 3.2.19 |
||
rubyonrails ruby on rails 3.2.20 |
||
rubyonrails rails 3.2.5 |
||
rubyonrails rails 3.2.6 |
||
rubyonrails rails 4.0.4 |
||
rubyonrails rails 4.0.5 |
||
rubyonrails ruby on rails 4.0.11 |
||
rubyonrails rails 4.1.3 |
||
rubyonrails rails 4.2.0 |
||
rubyonrails rails 3.0.13 |
||
rubyonrails rails 3.0.20 |
||
rubyonrails rails 3.0.3 |
||
rubyonrails rails 3.1.3 |
||
rubyonrails rails 3.1.9 |
||
rubyonrails rails 3.2.13 |
||
rubyonrails rails 3.2.2 |
||
rubyonrails rails 3.2.7 |
||
rubyonrails rails 3.2.8 |
||
rubyonrails rails 4.1.0 |
||
rubyonrails rails 4.1.4 |
||
rubyonrails rails 4.1.5 |
||
rubyonrails rails 3.0.11 |
||
rubyonrails rails 3.0.17 |
||
rubyonrails rails 3.0.18 |
||
rubyonrails rails 3.0.19 |
||
rubyonrails rails 3.1.10 |
||
rubyonrails rails 3.1.6 |
||
rubyonrails rails 3.2.1 |
||
rubyonrails rails 3.2.10 |
||
rubyonrails rails 3.2.17 |
||
rubyonrails rails 3.2.18 |
||
rubyonrails rails 3.2.4 |
||
rubyonrails rails 4.0.2 |
||
rubyonrails rails 4.0.3 |
||
rubyonrails rails 4.0.8 |
||
rubyonrails rails 4.0.9 |
||
rubyonrails rails 4.1.7 |