Rack Vulnerable to Path Traversal

Description

rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals."

Basic information

Type
reviewed
Severity
medium
Advisory on GitHub
Open advisory ↗
Repository advisory
Source code
Browse source ↗
Published (advisory)
2017-10-24 18:33:37 UTC
Updated
2023-08-25 23:30:16 UTC
GitHub reviewed
2020-06-16 21:24:29 UTC
NVD published
2013-02-08

EPSS Score

Score Percentile
1.26% 79.30%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

CWEs

CWE id Name
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected packages (2)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
rubygems rack >= 1.5.0, < 1.5.2 1.5.2
rubygems rack >= 1.4.0, < 1.4.5 1.4.5

References

cvelogic Threat Intelligence