Lucene search

K

GoogleOSV:GHSA-5F9H-9PJV-V6J7

HistoryJul 06, 2020 - 9:31 p.m.

Directory traversal in Rack::Directory app bundled with Rack

2020-07-0621:31:02

Google

osv.dev

12

0.002 Low

EPSS

Percentile

54.9%

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.

CPENameOperatorVersion
rackeq1.6.0.beta
rackeq1.2.6
rackeq1.4.0
rackeq1.3.0
rackeq1.3.0.beta
rackeq2.1.1
rackeq1.5.0
rackeq2.0.1
rackeq2.0.9.1
rackeq1.2.3

Rows per page:

1-10 of 871

References

github.com/rack/rack

github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e

github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2020-8161.yml

groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA

groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA

lists.debian.org/debian-lts-announce/2020/07/msg00006.html

lists.debian.org/debian-lts-announce/2023/01/msg00038.html

nvd.nist.gov/vuln/detail/CVE-2020-8161

usn.ubuntu.com/4561-1

0.002 Low

EPSS

Percentile

54.9%

Related for OSV:GHSA-5F9H-9PJV-V6J7

openvas7 veracode1 osv6 nessus7 cvelist1 redhatcve1 prion1 github1 nvd1 debian3 ubuntucve1 debiancve1 cve1 ubuntu2 mageia1 suse1 redhat1