CVE-2016-2097 — rails - security update

Description

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0752.

How to fix CVE-2016-2097

To remediate CVE-2016-2097, upgrade the affected package to a fixed version below.

—upgrade to 2:4.2.5.2-1 or later
—upgrade to 2:4.1.8-1+deb8u2 or later
—upgrade to 3.2.22.2 or later
—upgrade to 3.2.22.2 or later

Is CVE-2016-2097 being exploited?

Low — EPSS is 1.9%, meaning exploitation activity has not been observed at scale.

Affected packages (4)

from 0, < 2:4.2.5.2-1
from 0, < 2:4.1.8-1+deb8u2
>= 3.0.0, < 3.2.22.2
>= 3.0.0, < 3.2.22.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References (15)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2016-2097
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2016-2097
PATCHgithub.com/rails/rails
WEBlists.opensuse.org/opensuse-security-announce/2016-03/msg00080.html
WEB