RSS   Podatności dla 'Webrick'   RSS

2019-05-10
 
CVE-2019-11879

CWE-22
 

 
** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. NOTE: The vendor states that this is analogous to Options FollowSymlinks in the Apache HTTP Server, and therefore it is "not a problem."

 

 >>> Vendor: Ruby-lang 8 Produkty
Openssl
RUBY
Webrick
CGI
RDOC
Trunk
RAKE
Rexml


Copyright 2024, cxsecurity.com

 

Back to Top