CVE-2015-2784

CRITICAL

papercrop < 0.3.0 - Improper Input Validation

Title source: llm

The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.

Core 2

Core References

Patch, Third Party Advisory x_refsource_confirm

Release Notes, Third Party Advisory x_refsource_confirm

CVSS v3 9.8

EPSS 0.0043

EPSS Percentile 63.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Status published

Products (2)

papercrop_project/papercrop < 0.3.0

rubygems/papercrop 0 - 0.3.0RubyGems

Published Jan 21, 2020

Tracked Since Feb 18, 2026