Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NDebian
OSDebian8.0Opensuse Leap
OSOpensuse42.1Opensuse
OSOpensuse13.2Red Hat Software Collections
APPRedhat1.0Rubyonrails Rails
APPRubyonrails5.0.04.2.0 – 4.2.5.1 (bez)4.0.0 – 4.1.14.1 (bez)< 3.2.22.1SUSE Linux Enterprise Module For Containers
OSSuse12
CISA KEV — detailsi
- Vendori
- Rails
- Producti
- Ruby on Rails
- Added to KEVi
- March 25, 2022
- Remediation deadline (US Federal)i
- April 15, 2022(overdue)
Apply updates per vendor instructions.
Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
Related vulnerabilities
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki