Vulnerabilities > Rack Project > Rack > 2.0.9.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-02 | CVE-2020-8161 | Path Traversal vulnerability in multiple products A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. | 8.6 |
| 2020-06-19 | CVE-2020-8184 | Improper Input Validation vulnerability in multiple products A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | 7.5 |