Lucene search
SuseOPENSUSE-SU-2018:2124-1HistoryJul 28, 2018 - 4:02 p.m.
Security update for rubygem-sprockets (moderate)
2018-07-2816:02:02
lists.opensuse.org
15
0.023 Low
EPSS
Percentile
89.7%
This update for rubygem-sprockets fixes the following issues:
The following security vulnerability was addressed:
- CVE-2018-3760: Fixed a path traversal issue in
sprockets/server.rb:forbidden_request?(), which allowed remote attackers
to read arbitrary files (bsc#1098369)
This update was imported from the SUSE:SLE-15:Update update project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.0 | x86_64 | ruby2.5-rubygem-sprockets | <Β 3.7.2-lp150.2.3.1 | ruby2.5-rubygem-sprockets-3.7.2-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | ruby2.5-rubygem-sprockets-doc | <Β 3.7.2-lp150.2.3.1 | ruby2.5-rubygem-sprockets-doc-3.7.2-lp150.2.3.1.x86_64.rpm |
References
Related
openvas
openvas
Debian: Security Advisory (DSA-4242-1)
2018-07-08 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-fd29597fa4
2018-07-15 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-2735a12b72
2018-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sprockets-3.7.2-1.fc27
2018-07-14 23:36:29
[SECURITY] Fedora 28 Update: rubygem-sprockets-3.7.2-1.fc28
2018-07-15 03:33:48
veracode
veracode
Directory Traversal
2018-06-20 08:36:16
Directory Traversal
2019-01-15 09:24:20
nessus
nessus
openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
2018-07-30 00:00:00
Fedora 27 : rubygem-sprockets (2018-fd29597fa4)
2018-07-24 00:00:00
openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)
2019-03-27 00:00:00
osv
osv
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
ruby-sprockets - security update
2018-07-09 00:00:00
ruby-sprockets - security update
2018-07-12 00:00:00
cvelist
cvelist
CVE-2018-3760
2018-06-19 00:00:00
hackerone
hackerone
nuclei
nuclei
Ruby On Rails - Local File Inclusion
2020-04-05 18:01:09
nvd
nvd
CVE-2018-3760
2018-06-26 19:29:00
debian
debian
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DLA-1419-1] ruby-sprockets security update
2018-07-12 09:30:56
suse
suse
Security update for rubygem-sprockets (important)
2018-06-29 21:15:11
ubuntucve
ubuntucve
CVE-2018-3760
2018-06-26 00:00:00
cve
cve
CVE-2018-3760
2018-06-26 19:29:00
redhatcve
redhatcve
CVE-2018-3760
2019-10-09 16:26:49
seebug
seebug
Ruby on Rails θ·―εΎη©ΏθΆδΈδ»»ζζδ»Άθ―»εζΌζ΄(CVE-2018-3760)εζ
2018-08-08 00:00:00
prion
prion
Information disclosure
2018-06-26 19:29:00
redhat
redhat
(RHSA-2018:2244) Important: rh-ror42-rubygem-sprockets security update
2018-07-24 07:16:08
(RHSA-2018:2245) Important: rh-ror50-rubygem-sprockets security update
2018-07-24 07:16:12
debiancve
debiancve
CVE-2018-3760
2018-06-26 19:29:00
github
github
Sprockets path traversal leads to information leak
2018-06-20 22:18:58