View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2013-0262 severity moderate: SUSE including 55 source package names (ruby2.1-rubygem-chef-10.32.2-3.1, ruby2.1-rubygem-chef-10.32.2-3.2, …), 57 product×package rows across 7 product lines (SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5, SUSE Linux Enterprise Software Development Kit 11 SP4, … (7 product lines)): Fixed 53, Known Not Affected 4.
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals."