Arbitrary Code Injection affecting the actionpack package, versions >=4.0.0, <4.1.14.2; >=4.2.0, <4.2.5.2; >=3.2.0.rc1, <3.2.22.2


Snyk CVSS: 0.0 high
  • Attack Complexity: Low

Threat Intelligence
  • Exploit Maturity: Mature
  • EPSS: 94.67% (100th percentile)

NVD: 7.3 high
Red Hat: 6.3 medium

  • Snyk ID SNYK-RUBY-ACTIONPACK-20264
  • published 28 Feb 2016
  • disclosed 28 Feb 2016
  • credit Tobias Kraze, joernchen

Overview

actionpack is a web app builder and tester on Rails. Affected versions of this gem are vulnerable to arbitrary code injection.

Details

Applications that pass unverified user input to the render method in a controller or a view may be vulnerable to code injection.

Impacted code will look like this:

class TestController < ApplicationController
  def show
    # Request-controlled value is passed straight to render with no validation
    render params[:id]
  end
end

An attacker could use the request parameters to coerce the above example into executing arbitrary Ruby code.

All users running an affected release should either upgrade or use one of the workarounds immediately.
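
To find the impacted pattern in your own code base, here is an added example (not part of the Snyk advisory or the Rails project): a heuristic Ruby audit that flags render calls whose first positional argument comes from params, directly or through a local variable. The function name, the regexes and the sample controller are constructed for illustration.

```ruby
# Added example, not Snyk or Rails code. Heuristic, line-based audit that flags
# render calls whose first positional argument is taken from params.
PARAMS_EXPR = /\bparams\s*(\[|\.(fetch|dig|require)\b)/
ASSIGNMENT  = /\A\s*(@?\w+)\s*=(?![=~])\s*(.+)\z/
RENDER_CALL = /\brender[\s(]+([^,)]+)/
KEYED_FORM  = /\A(\w+:\s|:\w+\s*=>)/   # render template: ..., render :json => ...

def audit_render_calls(source)
  tainted = []    # variables assigned from params in the current method
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    code = line.chomp.sub(/(\A|\s)#.*\z/, "").rstrip   # drop comments
    tainted.clear if code =~ /\A\s*def\b/               # taint is tracked per method
    if (m = ASSIGNMENT.match(code)) && m[2] =~ PARAMS_EXPR
      tainted << m[1]
    end
    next unless (m = RENDER_CALL.match(code))
    arg = m[1].strip
    next if arg =~ KEYED_FORM   # keyed forms are outside the pattern shown above
    if arg =~ PARAMS_EXPR || tainted.include?(arg)
      findings << { line: lineno, code: code.strip }
    end
  end
  findings
end

# Constructed sample controller: two impacted actions, one harmless.
SAMPLE = <<~'RUBY'
  class TestController < ApplicationController
    def show
      render params[:id]
    end

    def edit
      page = params.fetch(:page)
      render(page)
    end

    def index
      page = "index"   # not from params
      render page
    end
  end
RUBY

audit_render_calls(SAMPLE).each { |f| puts "line #{f[:line]}: #{f[:code]}" }
```

A line-based check like this misses multi-line calls and values passed through helper methods, so treat an empty result as a starting point for review rather than proof that the code is unaffected.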