Debian Security Update DSA-4242 ruby-sprockets - security update

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,755
Reaction score
94
Credits
-1,257
Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

Continue reading...
 


Follow Linux.org

Members online


Latest posts

Top