Rack Project : Security Vulnerabilities, CVEs, CVSS score >= 8
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Max CVSS
10.0
EPSS Score
0.30%
Published
2022-12-05
Updated
2023-12-08
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
Max CVSS
8.6
EPSS Score
0.18%
Published
2020-07-02
Updated
2023-02-02
2 vulnerabilities found