CVE-2026-44837
Path Traversal in ViewComponent Ruby Gem
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: GitHub, Inc.
Exploitability
| CWE ID | Description |
|---|---|
| CWE-187 | The product performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses. |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade the view_component framework to version 4.9.0 or later, where the issue has been fixed.
Can you explain this vulnerability to me?
The vulnerability exists in the view_component framework for Ruby on Rails, versions 3.0.0 to 4.9.0. The system test entrypoint canonicalizes a user-controlled file path with File.realpath and then checks whether the resolved path starts with the temporary directory's path. That containment check is unsafe because a sibling directory can share the same string prefix (a directory whose name merely extends the temporary directory's name also "starts with" it), so a path that resolves outside the intended directory can still pass the check and allow unauthorized access to files there.
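The prefix-only check described above, placed beside a component-aware replacement, as an added illustration of the CWE-187 pattern (this is not the gem's own code; the directory and file names are constructed for the demonstration):

```ruby
require "tmpdir"
require "fileutils"

# Vulnerable pattern (CWE-187): canonicalize, then compare as a string prefix.
# File.realpath resolves symlinks and "..", so classic traversal is caught;
# the remaining gap is that a sibling directory whose name merely extends the
# base directory's name ("/tmp/build-x" vs "/tmp/build") also passes.
def contained_by_prefix?(base_dir, candidate)
  File.realpath(candidate).start_with?(File.realpath(base_dir))
end

# Hardened check: treat the base directory as a whole path component, so only
# the base itself or paths under "<base>/" are accepted.
def contained_by_component?(base_dir, candidate)
  base = File.realpath(base_dir)
  real = File.realpath(candidate)
  real == base || real.start_with?(base + File::SEPARATOR)
end

# Runs both checks against constructed directories: a base directory, a sibling
# whose name extends the base name, and a "../" path that resolves into that
# sibling. Returns a hash of results so they can be inspected or asserted on.
def demo
  results = nil
  Dir.mktmpdir("vc-build") do |base|
    sibling = "#{base}-other"
    Dir.mkdir(sibling)
    begin
      inside  = File.join(base, "page.html")
      outside = File.join(sibling, "secret.txt")
      FileUtils.touch([inside, outside])
      dotdot  = File.join(base, "..", File.basename(sibling), "secret.txt")
      results = {
        prefix_inside:     contained_by_prefix?(base, inside),      # true
        prefix_sibling:    contained_by_prefix?(base, outside),     # true: the bug
        prefix_dotdot:     contained_by_prefix?(base, dotdot),      # true: the bug
        component_inside:  contained_by_component?(base, inside),   # true
        component_sibling: contained_by_component?(base, outside),  # false
        component_dotdot:  contained_by_component?(base, dotdot)    # false
      }
    ensure
      FileUtils.rm_rf(sibling)
    end
  end
  results
end

p demo if $PROGRAM_NAME == __FILE__
```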
How can this vulnerability impact me?
This vulnerability can lead to unauthorized file access, because the containment check can be bypassed through a sibling directory that shares the temporary directory's name as a prefix. An attacker might be able to read or manipulate files outside the intended temporary directory, which could expose sensitive information or cause other security issues.