Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-32978

Опубликовано: 27 мая 2024
Источник: nvd
CVSS3: 6.6
EPSS Низкий

Описание

Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity due to the potential for unauthorized write access to particular Ruby files managed by the library. Such access could lead to the alteration of application behavior or data integrity issues. Users of affected versions are advised to update to Kaminari version 0.16.2 or later, where file permissions have been adjusted to enhance security. If upgrading is not feasible immediately, review and adjust the file permissions for particular Ruby files in Kaminari to ensure they are only accessible by authorized user.

Ссылки

EPSS

Процентиль: 34%
0.00132
Низкий

6.6 Medium

CVSS3

Дефекты

CWE-276

Связанные уязвимости

ubuntu логотип

CVE-2024-32978

CVSS3: 6.6
ubuntu
больше 1 года назад

Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity due to the potential for unauthorized write access to particular Ruby files managed by the library. Such access could lead to the alteration of application behavior or data integrity issues. Users of affected versions are advised to update to Kaminari version 0.16.2 or later, where file permissions have been adjusted to enhance security. If upgrading is not feasible immediately, review and adjust the file permissions for particular Ruby files in Kaminari to ensure they are only accessible by authorized user.

debian логотип

CVE-2024-32978

CVSS3: 6.6
debian
больше 1 года назад

Kaminari is a paginator for web app frameworks and object relational m ...

github логотип

GHSA-7r3j-qmr4-jfpj

CVSS3: 6.6
github
больше 1 года назад

Kaminari Insecure File Permissions Vulnerability

EPSS

Процентиль: 34%
0.00132
Низкий

6.6 Medium

CVSS3

Дефекты

CWE-276