
CVSS: 10.0 | EPSS: 0% | CPEs: 3 | EXPL: 1

28 Nov 2022 — Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack when it sets the Content-Disposition header of a response with a filename derived from user-supplied input. Versions 2.2.3 and 3.0.4 contain patches for this issue. • https://github.com/advisories/GHSA-8x94-hmjh-97hq • CWE-494: Download of Code Without Integrity Check •
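Added example (my own code, not Sinatra's `attachment` implementation) of the pattern the entry describes: a helper that copies a user-supplied filename straight into Content-Disposition, beside a hardened replacement. The allow-listed extensions, the default name and the sample filenames are assumptions for the demo.

```ruby
# Added example, not Sinatra's implementation: reflected file download (RFD)
# via a user-controlled Content-Disposition filename, and one way to harden it.

# Simplified model of a helper that trusts its filename argument (the shape of
# the vulnerable pattern). If the caller does `attachment params[:name]`, an
# attacker links to ?name=setup.bat and the browser saves the response, whose
# body the attacker may also influence (JSONP callback, echoed search term),
# under an executable name.
def content_disposition_unsafe(filename, disposition = "attachment")
  "#{disposition}; filename=\"#{filename}\""
end

# Hardening (assumptions for this demo): keep only the basename, treat
# backslashes as separators, allow a conservative character set in the stem,
# require an allow-listed extension, and fall back to a fixed safe name.
SAFE_EXTENSIONS = %w[txt csv json pdf].freeze

def safe_download_name(user_supplied, default: "download.txt")
  name = File.basename(user_supplied.to_s.gsub("\\", "/"))
  ext  = File.extname(name).delete_prefix(".").downcase
  stem = File.basename(name, ".*").gsub(/[^A-Za-z0-9_-]/, "_")[0, 64]
  return default if stem.empty? || !SAFE_EXTENSIONS.include?(ext)
  "#{stem}.#{ext}"
end

def content_disposition_safe(user_supplied)
  # Quotes, semicolons and CR/LF cannot survive the stem filter and the
  # extension allow-list, so the header value cannot be broken out of.
  "attachment; filename=\"#{safe_download_name(user_supplied)}\""
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs: one benign, three attacker-shaped.
  ["report.txt", "../../setup.bat", "C:\\Users\\x\\evil.cmd", "Report.PDF"].each do |n|
    puts "#{n.ljust(24)} unsafe: #{content_disposition_unsafe(n)}"
    puts "#{' ' * 24} safe:   #{content_disposition_safe(n)}"
  end
end
```

The fix direction matters more than the exact filter: a filename that the user chooses must never decide the extension the browser acts on, and the body of such a response should not be attacker-influenced either.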

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

02 May 2022 — Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. A flaw was found in Sinatra when serving static files from the public directory: the requested path is not validated to lie within the public directory, so files outside it can be served. Red Hat Satellite is a systems management tool for Linux-based ... • https://github.com/sinatra/sinatra/pull/1683/commits/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1 | EPSS: 0% | CPEs: 3 | EXPL: 1

31 May 2018 — Sinatra before 2.0.2 has XSS via the 400 Bad Request page that is rendered when the params parser raises an exception. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller fram... • https://access.redhat.com/errata/RHSA-2019:0212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
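Added example (my own code, not Sinatra's error handling) of the bug class in this entry: a nested-params parser whose exception message echoes the offending parameter name, and a 400 page that interpolates that message into HTML unescaped, beside the escaped version. The toy parser and the attacker query are constructed for the demo and only model the conflict Rack reports for input like `a[]=1&a[b]=2`.

```ruby
# Added example (not Sinatra's code): XSS through an error page that renders
# the params parser's exception message without HTML-escaping it.
require "cgi"

class ParameterTypeError < StandardError; end

# Toy nested-params parser modelled on the type conflict Rack reports for
# "a[]=1&a[b]=2". The error message echoes the parameter *name* verbatim,
# which is what makes the resulting 400 page attacker-controlled.
def parse_query(query)
  params = {}
  query.to_s.split("&").each do |pair|
    raw_key, value = pair.split("=", 2)
    key = CGI.unescape(raw_key.to_s)
    if (m = key.match(/\A([^\[]+)\[\]\z/))            # name[]=v   -> Array
      name = m[1]
      if params.key?(name) && !params[name].is_a?(Array)
        raise ParameterTypeError, "expected Array (got #{params[name].class}) for param `#{name}'"
      end
      (params[name] ||= []) << value
    elsif (m = key.match(/\A([^\[]+)\[([^\]]*)\]\z/))  # name[sub]=v -> Hash
      name, sub = m[1], m[2]
      if params.key?(name) && !params[name].is_a?(Hash)
        raise ParameterTypeError, "expected Hash (got #{params[name].class}) for param `#{name}'"
      end
      (params[name] ||= {})[sub] = value
    else
      params[key] = value
    end
  end
  params
end

# Vulnerable shape: the raw message goes straight into markup.
def bad_request_page_unsafe(error)
  "<h1>Bad Request</h1><p>#{error.message}</p>"
end

# Fixed shape: anything that came from the request is HTML-escaped first.
def bad_request_page_safe(error)
  "<h1>Bad Request</h1><p>#{CGI.escapeHTML(error.message)}</p>"
end

# Returns nil when the query parses cleanly, otherwise the 400 page body.
def render_400(query, escape: true)
  parse_query(query)
  nil
rescue ParameterTypeError => e
  escape ? bad_request_page_safe(e) : bad_request_page_unsafe(e)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed attacker query: the payload lives in the parameter name, and
  # the conflicting "[]" / "[b]" suffixes force the parser to raise.
  payload = "<script>alert(1)</script>"
  query   = "#{CGI.escape(payload + '[]')}=1&#{CGI.escape(payload + '[b]')}=2"
  puts render_400(query, escape: false)
  puts render_400(query, escape: true)
end
```

The point to carry over: exception messages are request-derived data like any other, and an error page is still a page, so it needs the same output encoding as a normal view.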

CVSS: 5.9 | EPSS: 0% | CPEs: 4 | EXPL: 0

07 Mar 2018 — Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contain a timing-attack vulnerability in the CSRF token check that can result in the token (signature) being exposed. The attack appears to be exploitable over network connectivity to the Ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0. • https://access.redhat.com/errata/RHSA-2018:1060 • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •
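Added example (my own code, not rack-protection's) of what an observable timing discrepancy in a token check gives an attacker: an early-exit comparison instrumented to report how many bytes it examined, an attacker routine that recovers a token one hex digit at a time from that signal, and a constant-time comparison as the fix. The step count stands in for response latency; the token and oracle are constructed for the demo.

```ruby
# Added example (not rack-protection's code): why a non-constant-time CSRF
# token comparison leaks the token, and a constant-time replacement.
require "securerandom"

HEX = ("0".."9").to_a + ("a".."f").to_a

# Early-exit comparison, instrumented to also return how many bytes were
# examined. A byte-by-byte check stops at the first mismatch, so a network
# attacker who measures response time learns how many leading bytes of the
# guess were right. The step count models that timing signal.
def early_exit_compare(expected, given)
  return [false, 0] unless expected.bytesize == given.bytesize
  steps = 0
  expected.each_byte.with_index do |b, i|
    steps += 1
    return [false, steps] if b != given.getbyte(i)
  end
  [true, steps]
end

# Constant-time comparison: touches every byte and accumulates differences, so
# the time taken does not depend on where the strings differ (the length check
# reveals only the token length, which is public). Rack::Utils.secure_compare
# is the library form of this; shown here in stdlib Ruby.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.each_byte.with_index { |x, i| diff |= x ^ b.getbyte(i) }
  diff.zero?
end

# Attacker: recover the token one hex digit at a time using only the oracle's
# step count (in practice: response latency averaged over many requests).
def recover_token(oracle, length)
  guess = "0" * length
  length.times do |pos|
    HEX.each do |c|
      guess[pos] = c
      ok, steps = oracle.call(guess)
      break if ok || steps > pos + 1   # this digit matched; move to the next
    end
  end
  guess
end

# Constructed scenario: a fresh 32-hex-digit token behind the leaky check.
# 16 guesses per position suffice instead of 16**32 for the whole token.
def demo
  secret = SecureRandom.hex(16)
  leaky  = ->(guess) { early_exit_compare(secret, guess) }
  [secret, recover_token(leaky, secret.length)]
end

if __FILE__ == $PROGRAM_NAME
  secret, recovered = demo
  puts "secret:    #{secret}"
  puts "recovered: #{recovered}"
  puts "match:     #{secure_compare(secret, recovered)}"
end
```

Over a real network the per-byte difference is nanoseconds, so the attacker needs many samples per guess and statistical filtering, but the algorithm is the same; the defence is to make the comparison's running time independent of the input.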

CVSS: 5.3 | EPSS: 0% | CPEs: 10 | EXPL: 0

18 Feb 2018 — An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters. • https://github.com/sinatra/sinatra/commit/6ad721abcfe36334108dcdd05d046c361e1b7a9c • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
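Added example (my own code, not Sinatra's `static!` or rack-protection's PathTraversal middleware) covering both path-traversal entries on this page: the unchecked expanded path of the 2.2.0 fix above and the backslash bypass in this entry. It decodes percent-escapes, treats backslashes as separators, normalises `..` with `File.expand_path`, and then checks containment against the public directory plus a separator so that a sibling directory sharing the prefix is not accepted. The fixture directory and request paths are constructed for the demo.

```ruby
# Added example (not Sinatra's code): resolve a request path inside a public
# directory and refuse anything that escapes it, including Windows-style
# backslash traversal.
require "uri"
require "tmpdir"
require "fileutils"

def resolve_static(public_dir, path_info)
  root = File.expand_path(public_dir)
  begin
    decoded = URI.decode_www_form_component(path_info.to_s)   # %2e%2e -> ..
  rescue ArgumentError                                         # malformed %-encoding
    return nil
  end
  return nil if decoded.include?("\0")
  decoded = decoded.gsub("\\", "/")   # assumption: "\" is a separator (Windows)
  # File.join first so a leading "~" never reaches expand_path, which would
  # otherwise expand it to a home directory.
  candidate = File.expand_path(File.join(root, decoded))
  # Containment: prefix match against root + "/" (not bare root) so that
  # /srv/public_other is not accepted for a root of /srv/public.
  return nil unless candidate.start_with?(root + "/")
  return nil unless File.file?(candidate)
  candidate
end

# Constructed fixture: public/index.html is the only file meant to be served;
# secret.txt and public_other/x.txt live outside the public directory.
def demo
  Dir.mktmpdir do |tmp|
    public_dir = File.join(tmp, "public")
    FileUtils.mkdir_p(public_dir)
    FileUtils.mkdir_p(File.join(tmp, "public_other"))
    File.write(File.join(public_dir, "index.html"), "<h1>hi</h1>")
    File.write(File.join(tmp, "secret.txt"), "outside public")
    File.write(File.join(tmp, "public_other", "x.txt"), "sibling dir")
    requests = [
      "/index.html",             # legitimate
      "/../secret.txt",          # classic traversal
      "/%2e%2e/secret.txt",      # percent-encoded dots
      "/..%2Fsecret.txt",        # percent-encoded slash
      "/..\\secret.txt",         # backslash (the Windows bypass)
      "/..%5Csecret.txt",        # percent-encoded backslash
      "/../public_other/x.txt",  # sibling directory sharing the prefix
      "/~/.bashrc",              # tilde, a File.expand_path gotcha
    ]
    requests.to_h { |p| [p, resolve_static(public_dir, p) ? :served : :refused] }
  end
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |path, verdict| puts "#{path.ljust(26)} #{verdict}" }
end
```

Normalise first, then check the normalised absolute path against the root; checking the raw request string for `..` or `/` is what the backslash variant gets around.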