Bug 2450545 (CVE-2026-33173)
| Summary: | CVE-2026-33173 Rails: Active Storage: Rails Active Storage: Content type bypass via arbitrary metadata in direct uploads | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | akostadi, amasferr, dmayorov, jlledo, jvasik, kaycoth, pantinor, rblanco, tsedmik, vmugicag |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Rails Active Storage. A remote attacker, acting as a direct-upload client, can exploit this vulnerability by manipulating metadata during file uploads. By setting internal flags, the attacker can bypass the system's automatic MIME (Multipurpose Internet Mail Extensions) type detection and analysis. This allows the attacker to upload arbitrary content, potentially circumventing security validations that rely on correct content type identification.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2026-03-24 00:02:10 UTC
|