CVE-2018-7212

NONE EPSS 76.8%
Published Feb 18, 20188y ago · Modified Jun 17, 20262w ago
Find Similar
Published Feb 18, 2018 8y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters.

Threat Intelligence

EPSS Exploit Probability
76.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 10

VendorProductVersionRange
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.0any
sinatrarbsinatra2.0.1any
microsoftwindows*any

References 2

  • github.com https://github.com/sinatra/sinatra/commit/6ad721abcfe36334108dcdd05d046c361e1b7a9c
    Third Party Advisory
  • github.com https://github.com/sinatra/sinatra/pull/1379
    Issue TrackingThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.