Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-daww-8648-tqax
Summary
Moderate severity vulnerability that affects sprockets
Withdrawn, accidental duplicate publish.

Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
Aliases
0
alias GHSA-r4x3-g983-9g48
Fixed_packages
0
url pkg:gem/sprockets@2.0.5
purl pkg:gem/sprockets@2.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.5
1
url pkg:gem/sprockets@2.1.4
purl pkg:gem/sprockets@2.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.4
2
url pkg:gem/sprockets@2.2.3
purl pkg:gem/sprockets@2.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.3
3
url pkg:gem/sprockets@2.4.6
purl pkg:gem/sprockets@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.6
4
url pkg:gem/sprockets@2.5.1
purl pkg:gem/sprockets@2.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.5.1
5
url pkg:gem/sprockets@2.7.1
purl pkg:gem/sprockets@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.7.1
6
url pkg:gem/sprockets@2.8.3
purl pkg:gem/sprockets@2.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.3
7
url pkg:gem/sprockets@2.9.4
purl pkg:gem/sprockets@2.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.4
8
url pkg:gem/sprockets@2.10.2
purl pkg:gem/sprockets@2.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.2
9
url pkg:gem/sprockets@2.11.3
purl pkg:gem/sprockets@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.11.3
10
url pkg:gem/sprockets@2.12.3
purl pkg:gem/sprockets@2.12.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.3
Affected_packages
0
url pkg:gem/sprockets@0.9.0
purl pkg:gem/sprockets@0.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@0.9.0
1
url pkg:gem/sprockets@0.9.1
purl pkg:gem/sprockets@0.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@0.9.1
2
url pkg:gem/sprockets@1.0.0
purl pkg:gem/sprockets@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.0
3
url pkg:gem/sprockets@1.0.1
purl pkg:gem/sprockets@1.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.1
4
url pkg:gem/sprockets@1.0.2
purl pkg:gem/sprockets@1.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.2
5
url pkg:gem/sprockets@2.0.0
purl pkg:gem/sprockets@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.0
6
url pkg:gem/sprockets@2.0.1
purl pkg:gem/sprockets@2.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.1
7
url pkg:gem/sprockets@2.0.2
purl pkg:gem/sprockets@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.2
8
url pkg:gem/sprockets@2.0.3
purl pkg:gem/sprockets@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.3
9
url pkg:gem/sprockets@2.0.4
purl pkg:gem/sprockets@2.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.4
10
url pkg:gem/sprockets@2.1.0
purl pkg:gem/sprockets@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.0
11
url pkg:gem/sprockets@2.1.1
purl pkg:gem/sprockets@2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.1
12
url pkg:gem/sprockets@2.1.2
purl pkg:gem/sprockets@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.2
13
url pkg:gem/sprockets@2.1.3
purl pkg:gem/sprockets@2.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.3
14
url pkg:gem/sprockets@2.2.0
purl pkg:gem/sprockets@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.0
15
url pkg:gem/sprockets@2.2.1
purl pkg:gem/sprockets@2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.1
16
url pkg:gem/sprockets@2.2.2
purl pkg:gem/sprockets@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.2
17
url pkg:gem/sprockets@2.4.0
purl pkg:gem/sprockets@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.0
18
url pkg:gem/sprockets@2.4.1
purl pkg:gem/sprockets@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.1
19
url pkg:gem/sprockets@2.4.2
purl pkg:gem/sprockets@2.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.2
20
url pkg:gem/sprockets@2.4.3
purl pkg:gem/sprockets@2.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.3
21
url pkg:gem/sprockets@2.4.4
purl pkg:gem/sprockets@2.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.4
22
url pkg:gem/sprockets@2.4.5
purl pkg:gem/sprockets@2.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.5
23
url pkg:gem/sprockets@2.5.0
purl pkg:gem/sprockets@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.5.0
24
url pkg:gem/sprockets@2.6.0
purl pkg:gem/sprockets@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.6.0
25
url pkg:gem/sprockets@2.6.1
purl pkg:gem/sprockets@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.6.1
26
url pkg:gem/sprockets@2.7.0
purl pkg:gem/sprockets@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.7.0
27
url pkg:gem/sprockets@2.8.0
purl pkg:gem/sprockets@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.0
28
url pkg:gem/sprockets@2.8.1
purl pkg:gem/sprockets@2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.1
29
url pkg:gem/sprockets@2.8.2
purl pkg:gem/sprockets@2.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.2
30
url pkg:gem/sprockets@2.9.0
purl pkg:gem/sprockets@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.0
31
url pkg:gem/sprockets@2.9.2
purl pkg:gem/sprockets@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.2
32
url pkg:gem/sprockets@2.9.3
purl pkg:gem/sprockets@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.3
33
url pkg:gem/sprockets@2.10.0
purl pkg:gem/sprockets@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.0
34
url pkg:gem/sprockets@2.10.1
purl pkg:gem/sprockets@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.1
35
url pkg:gem/sprockets@2.11.0
purl pkg:gem/sprockets@2.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.11.0
36
url pkg:gem/sprockets@2.12.0
purl pkg:gem/sprockets@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.0
37
url pkg:gem/sprockets@2.12.1
purl pkg:gem/sprockets@2.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.1
38
url pkg:gem/sprockets@2.12.2
purl pkg:gem/sprockets@2.12.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-daww-8648-tqax
1
vulnerability VCID-g8de-56gr-37cf
2
vulnerability VCID-s6cp-dk5r-v3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.2
References
0
reference_url https://github.com/advisories/GHSA-r4x3-g983-9g48
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r4x3-g983-9g48
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7819
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7819
Weaknesses
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-daww-8648-tqax