CVE-2011-0449 — actionpack allows remote attackers to bypass intended access restrictions

Description

`actionpack/lib/action_view/template/resolver.rb` in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

How to fix CVE-2011-0449

To remediate CVE-2011-0449, upgrade the affected package to a fixed version below.

RubyGems/actionpack—upgrade to 3.0.4 or later

Is CVE-2011-0449 being exploited?

Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

>= 3.0.0, < 3.0.4

References (8)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2011-0449
PATCHgithub.com/rails/rails/tree/main/actionpack
WEBgroups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain
WEBlists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html