Lucene search
RubySecRUBY:RACK-2013-0262-89938HistoryFeb 06, 2013 - 8:00 p.m.
CVE-2013-0262 rubygem-rack: Path sanitization information disclosure
2013-02-0620:00:00
RubySec
rubysec.com
10
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before
1.4.5 allows attackers to access arbitrary files outside the intended root directory
via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability
that is remotely exploitable, aka “symlink path traversals.”
References
Related
prion
prion
Directory traversal
2013-02-08 20:55:00
ubuntucve
ubuntucve
CVE-2013-0262
2013-02-08 00:00:00
github
github
Rack Vulnerable to Path Traversal
2017-10-24 18:33:37
cve
cve
CVE-2013-0262
2013-02-08 20:55:00
debiancve
debiancve
CVE-2013-0262
2013-02-08 20:55:00
veracode
veracode
Arbitrary File Access Using A Symlink Attack
2019-01-15 09:00:19
Input Validation Bypass
2019-05-02 04:44:00
Cross-Site Request Forgery (CSRF)
2019-05-02 04:44:00
osv
osv
Rack Vulnerable to Path Traversal
2017-10-24 18:33:37
nessus
nessus
Fedora 18 : rubygem-rack-1.4.0-5.fc18 (2013-2306)
2013-05-08 00:00:00
Fedora 17 : rubygem-rack-1.4.0-4.fc17 (2013-2315)
2013-05-08 00:00:00
freebsd
freebsd
Ruby Rack Gem -- Multiple Issues
2013-02-08 00:00:00
openvas
openvas
Fedora Update for rubygem-rack FEDORA-2013-2306
2013-05-09 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-2315
2013-05-09 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-2315
2013-05-09 00:00:00
gentoo
gentoo
Rack: Multiple vulnerabilities
2014-05-17 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-rack-1.4.0-5.fc18
2013-05-07 18:33:02
[SECURITY] Fedora 17 Update: rubygem-rack-1.4.0-4.fc17
2013-05-07 18:29:19
redhat
redhat
(RHSA-2013:0638) Moderate: Red Hat OpenShift Enterprise 1.1.2 update
2013-03-12 00:00:00
Related for RUBY:RACK-2013-0262-89938