PT-2026-27262 · Rails+1 · Rails+1
Mike Dalessio
·
Publicado
2026-03-23
·
Atualizado
2026-05-08
·
CVE-2026-33195
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Rails versions prior to 8.1.2.1
Rails versions prior to 8.0.4.1
Rails versions prior to 7.2.3.1
Description
Active Storage in Rails applications allows users to attach cloud and local files. The
DiskService#path for function does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences (e.g., ../) is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are expected to be trusted strings, but applications passing user input as keys would be affected.Recommendations
Update to Rails version 8.1.2.1 or later.
Update to Rails version 8.0.4.1 or later.
Update to Rails version 7.2.3.1 or later.
Exploit
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Rails
Red Os