Description

view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path. This is not a safe containment check because sibling directories can share the same string prefix. This vulnerability is fixed in 4.9.0.
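The flawed prefix check and a corrected containment check side by side, as an added Ruby example (this is not view_component's own code; `weak_inside_tmp?`, `contained_in?` and `demo` are names chosen here, and the directories it creates are constructed fixtures):

```ruby
require "tmpdir"
require "fileutils"

# The pattern the advisory describes: canonicalize with File.realpath, then
# test only that the result starts with the temp directory string. A sibling
# directory whose name extends the temp directory's name passes this test.
def weak_inside_tmp?(path, tmp_dir)
  File.realpath(path).start_with?(tmp_dir)
end

# Hardened containment check (hypothetical name): after canonicalizing both
# sides, accept only the base directory itself or a path whose next character
# after the base prefix is a separator, so "/tmp/app" does not admit "/tmp/app_evil".
def contained_in?(path, base_dir)
  resolved = File.realpath(path)
  base = File.realpath(base_dir)
  sep = base.end_with?(File::SEPARATOR) ? "" : File::SEPARATOR
  resolved == base || resolved.start_with?(base + sep)
end

# Constructed fixture: a temp dir, a sibling that shares its name as a string
# prefix, and a symlink inside the temp dir that points at the sibling.
# Returns what each check says about each path.
def demo
  Dir.mktmpdir("vc_tmp") do |raw_tmp|
    tmp_dir = File.realpath(raw_tmp)       # canonical, as the real check would see it
    sibling = "#{tmp_dir}_evil"            # e.g. /tmp/vc_tmp20260101-1-abc_evil
    Dir.mkdir(sibling)
    begin
      inside  = File.join(tmp_dir, "ok.rb")
      outside = File.join(sibling, "outside.rb")
      link    = File.join(tmp_dir, "link.rb")
      File.write(inside, "")
      File.write(outside, "")
      File.symlink(outside, link)          # realpath follows this to the sibling
      {
        weak_inside:  weak_inside_tmp?(inside, tmp_dir),   # true
        weak_outside: weak_inside_tmp?(outside, tmp_dir),  # true: the bug
        hard_inside:  contained_in?(inside, tmp_dir),      # true
        hard_outside: contained_in?(outside, tmp_dir),     # false
        hard_link:    contained_in?(link, tmp_dir),        # false
      }
    ensure
      FileUtils.rm_rf(sibling)
    end
  end
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```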

PUBLISHED Reserved 2026-05-07 | Published 2026-05-26 | Updated 2026-05-28 | Assigner GitHub_M

MEDIUM: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-187: Partial String Comparison

Product status

>= 3.0.0, < 4.9.0: affected

References

github.com/...ponent/security/advisories/GHSA-hg3h-g7xc-f7vp exploit

github.com/...ponent/security/advisories/GHSA-hg3h-g7xc-f7vp

cve.org (CVE-2026-44837)

nvd.nist.gov (CVE-2026-44837)