Sinatrarb - Sinatra CVE

Filtered by vendor Sinatrarb Subscribe

Filtered by product Sinatra

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-11627	2 Redhat, Sinatrarb	2 Cloudforms, Sinatra	2019-02-26	4.3 MEDIUM	6.1 MEDIUM
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
CVE-2018-7212	2 Microsoft, Sinatrarb	2 Windows, Sinatra	2018-03-19	5.0 MEDIUM	5.3 MEDIUM
An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters.

Vulnerabilities (CVE)