SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

DSA-4918-1 ruby-rack-cors -- ruby-rack-cors

ID: oval:org.secpod.oval:def:605530	Date: (C)2021-05-19 (M)2023-12-20
Class: PATCH	Family: unix

Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources.

Platform:

Debian 10.x

Product:

ruby-rack-cors

Reference:

DSA-4918-1