Ruby CVE-2018-8780 Directory Traversal Vulnerability

Ruby is prone to a directory-traversal vulnerability.

Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve sensitive information. This may aid in further attacks.

Ruby prior to 2.2.10, 2.3.x prior to 2.3.7, 2.4.x prior to 2.4.4, 2.5.x prior to 2.5.1, and 2.6.0-preview1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus