sinatra and rack-protection are vulnerable to directory traversal attacks. The libraries did not take into account the \\\\
within Windows systems as a method of traversal, allowing attackers to walk the file system.
CPE | Name | Operator | Version |
---|---|---|---|
rack-protection | le | 2.0.0 | |
sinatra | le | 2.0.0 |