Rails Asset Pipeline Directory Traversal Vulnerability (CVE-2018-3760)

All previously released versions of Sprockets, the software that powers the Rails asset pipeline, contain a directory traversal vulnerability. This vulnerability has been assigned CVE-2018-3760.

How Do I know if I’m Affected?

The Rails applications are vulnerable if they have this setting enabled in their application:


DZone Security Zone

Sharing is caring!

Pavlos Papadopoulos

TechNews

TheLatestTechNews is a personal news blog that is covering Latest Technology News, Computers, Smartphones, Cameras, Digital Marketing, SEO Tips & Tricks

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

shares