actionpack allows remote attackers to bypass intended access restrictions

High severity GitHub Reviewed Published Oct 24, 2017 to the GitHub Advisory Database • Updated May 12, 2023

Package

bundler actionpack (RubyGems)

Affected versions

>= 3.0.0, < 3.0.4

Patched versions

3.0.4

Description

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.
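The following is an added illustration of the bug class the description names, written here for this page; it is not Rails code and does not reproduce the actual `resolver.rb` logic. It models a case-insensitive filesystem with a constructed list of template file names, a hypothetical exact-name filter (`HIDDEN_ACTIONS`, `allowed?`), and two resolvers: one that trusts the filesystem match and one that additionally requires the on-disk name to equal the requested name exactly, which is the kind of check that closes the gap between the name the filter inspects and the template that actually gets rendered.

```ruby
# Added example (not Rails code): models CVE-2011-0449's bug class, where an
# access filter compares the action name literally but the filesystem resolves
# template names ignoring case.

# Constructed "filesystem": template file names as they exist on disk.
TEMPLATE_FILES = ["index.html.erb", "secret.html.erb"].freeze

# Simulates a case-insensitive filesystem lookup (default on macOS/Windows):
# returns the on-disk name that matches the request ignoring case, or nil.
def fs_lookup_case_insensitive(requested)
  TEMPLATE_FILES.find { |f| f.casecmp?(requested) }
end

# Hypothetical access filter: denies the "secret" action by exact name only.
HIDDEN_ACTIONS = ["secret"].freeze

def allowed?(action)
  !HIDDEN_ACTIONS.include?(action)
end

# Vulnerable resolution: the filter sees the literal action name, but the
# filesystem matches ignoring case, so "Secret" passes the filter and still
# resolves to secret.html.erb.
def resolve_vulnerable(action)
  return nil unless allowed?(action)
  fs_lookup_case_insensitive("#{action}.html.erb")
end

# Hardened resolution: after the filesystem lookup, require the on-disk name to
# equal the requested name byte-for-byte, so the name the filter checked is the
# name that is rendered. A request with unexpected casing now resolves to nothing.
def resolve_hardened(action)
  return nil unless allowed?(action)
  expected = "#{action}.html.erb"
  found = fs_lookup_case_insensitive(expected)
  found if found && found == expected
end

if __FILE__ == $PROGRAM_NAME
  puts "vulnerable, 'Secret': #{resolve_vulnerable('Secret').inspect}"
  puts "hardened,   'Secret': #{resolve_hardened('Secret').inspect}"
end
```

The same exact-match check also protects against other filesystem normalizations (for example Unicode normalization on some platforms), since it never trusts the filesystem's idea of equality for an authorization decision.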

References

Published to the GitHub Advisory Database Oct 24, 2017
Reviewed Jun 16, 2020
Last updated May 12, 2023

Severity

High

EPSS score

1.146%
(85th percentile)

Weaknesses

No CWEs

CVE ID

CVE-2011-0449

GHSA ID

GHSA-4ww3-3rxj-8v6q

Credits
