
Rails Asset Pipeline Directory Traversal Vulnerability (CVE-2018-3760) - schneems
https://blog.heroku.com/rails-asset-pipeline-vulnerability
======
schneems
Of note, this is the first security vulnerability that Heroku has ever decided
to explicitly target via config [https://devcenter.heroku.com/changelog-
items/1437](https://devcenter.heroku.com/changelog-items/1437)

