Published: 30/11/2018 Updated: 09/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an malicious user to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed in version 5.2.1.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rubyonrails rails

Debian Bug report logs - #914848 rails: CVE-2018-16477: Bypass vulnerability in Active Storage Package: src:rails; Maintainer for src:rails is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 27 Nov 2018 22:18:01 UTC ...

Debian Bug report logs - #914847 rails: CVE-2018-16476: Broken Access Control vulnerability in Active Job Package: src:rails; Maintainer for src:rails is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 27 Nov 2018 22 ...

NVD-CWE-noinfo https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/https://groups.google.com/d/msg/rubyonrails-security/3KQRnXDIuLg/mByx5KkqBAAJ https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914848

CVE-2018-16477

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect