MidnightBSD

Advisories for schneems

CVE-2013-4413 MEDIUM

Directory traversal vulnerability in controller/concerns/render_redirect.rb in the Wicked gem before 1.0.1 for Ruby allows remote attackers to read arbitrary files via a %2E%2E%2F (encoded dot dot slash) in the step.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
schneems wicked 0.1.0
schneems wicked 0.1.2
schneems wicked *
schneems wicked 0.3.0
schneems wicked 0.4.0
schneems wicked 0.3.3
schneems wicked 0.3.4
schneems wicked 0.6.0
schneems wicked 0.0.1
schneems wicked 0.1.6
schneems wicked 0.5.0
schneems wicked 0.1.3
schneems wicked 0.3.1
schneems wicked 0.2.0
schneems wicked 0.1.1
schneems wicked 0.3.2
schneems wicked 0.6.1
schneems wicked 0.0.2
schneems wicked 0.1.4
schneems wicked 0.1.5