CVE-2026-44837
Analyzed Analyzed - Analysis Complete

Path Traversal in ViewComponent Ruby Gem

Vulnerability report for CVE-2026-44837, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-26

Last updated on: 2026-06-02

Assigner: GitHub, Inc.

Description

view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path. This is not a safe containment check because sibling directories can share the same string prefix. This vulnerability is fixed in 4.9.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-26
Last Modified
2026-06-02
Generated
2026-07-06
AI Q&A
2026-05-27
EPSS Evaluated
2026-07-04
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
viewcomponent view_component From 3.0.0 (inc) to 4.9.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-187 The product performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, upgrade the view_component framework to version 4.9.0 or later, where the issue has been fixed.

Executive Summary

The vulnerability exists in the view_component framework for Ruby on Rails versions 3.0.0 to 4.9.0. It involves the system test entrypoint which canonicalizes a user-controlled file path using File.realpath and then checks if the resolved path starts with the temporary directory path. However, this containment check is unsafe because sibling directories can share the same string prefix, potentially allowing unauthorized access to files outside the intended directory.

Impact Analysis

This vulnerability can lead to unauthorized file access because the containment check can be bypassed by exploiting directory name prefixes. An attacker might be able to access or manipulate files outside the intended temporary directory, which could result in exposure of sensitive information or other security issues.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44837. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart