actionview gem is vulnerable to directory traversal and information disclosure. This vulnerability affects applications which pass user input directly into the βrenderβ method in an action view controller without verification. Using this vulnerability, attackers can render files from outside the view directory and potentially perform remote code execution. This CVE is handling the issues for all the scenarios which were not covered in CVE-2016-0752.