Question 1

What is CVE-2014-0130 — Ruby on Rails Directory Traversal Vulnerability?

Accepted Answer

Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.

Question 2

What is the authoritative source for CVE-2014-0130?

Accepted Answer

Ruby on Rails Directory Traversal Vulnerability (CVE-2014-0130) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2014-0130Ruby on Rails Directory Traversal Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6