Contents

---
gem: sinatra
cve: 2018-7212
url: https://github.com/sinatra/sinatra/pull/1379
date: 2018-01-09
title: sinatra ruby gem path traversal via backslash characters on Windows
description: |
  An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb
  in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash
  characters.

cvss_v3: 5.3
cvss_v2: 5.0

patched_versions:
  - ">= 2.0.1"

unaffected_versions:
  - "< 2.0.0"

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
bundler-audit-0.7.0.1	data/ruby-advisory-db/gems/sinatra/CVE-2018-7212.yml