CVE-2024-32978: Kaminari Insecure File Permissions Vulnerability

May 28, 2024

A moderate severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability, affected versions, and provides guidance for mitigation.

References

github.com/advisories/GHSA-7r3j-qmr4-jfpj
github.com/kaminari/kaminari
github.com/kaminari/kaminari/security/advisories/GHSA-7r3j-qmr4-jfpj
nvd.nist.gov/vuln/detail/CVE-2024-32978

Detect and mitigate CVE-2024-32978 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →