Vulnerabilities > Sinatrarb

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-28	CVE-2022-45442	Download of Code Without Integrity Check vulnerability in multiple products Sinatra is a domain-specific language for creating web applications in Ruby. network low complexity sinatrarb debian CWE-494	8.8
2022-05-02	CVE-2022-29970	Path Traversal vulnerability in multiple products Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. network low complexity sinatrarb debian CWE-22	7.5
2018-05-31	CVE-2018-11627	Cross-site Scripting vulnerability in multiple products Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. network low complexity sinatrarb redhat CWE-79	6.1
2018-03-07	CVE-2018-1000119	Information Exposure Through Discrepancy vulnerability in Sinatrarb Rack-Protection 2.0.0 Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. network high complexity sinatrarb CWE-203	5.9
2018-02-18	CVE-2018-7212	Path Traversal vulnerability in Sinatrarb Sinatra 2.0.0/2.0.1 An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. network low complexity sinatrarb CWE-22	5.3

Vulnerabilities > Sinatrarb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sinatrarb"}]}