Vulnerabilities > Sinatrarb > Sinatra > 2.0.8

DATE CVE VULNERABILITY TITLE RISK
2022-11-28 CVE-2022-45442 Download of Code Without Integrity Check vulnerability in multiple products
Sinatra is a domain-specific language for creating web applications in Ruby.
network
low complexity
sinatrarb debian CWE-494
8.8
8.8
2022-05-02 CVE-2022-29970 Path Traversal vulnerability in multiple products
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
network
low complexity
sinatrarb debian CWE-22
7.5
7.5