Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

2025-04-25 08:57

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path traversal

News URL

https://thehackernews.com/2025/04/researchers-identify-rackstatic.html

#breaches #researcher #ruby #server #vulnerability #CVE-2025-27610

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-10	CVE-2025-27610	Rack provides an interface for developing web applications in Ruby. CWE-23	0.0

News URL

Related news

Related Vulnerability