Debian LTS: DLA-3166-1: ruby-sinatra security update

A file traversal vulnerability was discovered in src:ruby-sinatra, a popular web server often used with Ruby on Rails. We now validate that any expanded paths match the allowed `public_dir` when serving static files.
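The check described above, validating the expanded path against `public_dir` before serving a file, can be sketched as follows. This is an added example, not Sinatra's or Debian's code: `resolve_static` and `build_demo_tree` are hypothetical names, the file tree is constructed sample data, and rejecting symlinks that point outside `public_dir` is a stricter policy chosen for the example.

```ruby
require "tmpdir"
require "fileutils"

# Hypothetical helper, not Sinatra's implementation.
# Returns the absolute path to serve, or nil if the request escapes public_dir.
def resolve_static(public_dir, request_path)
  root = File.realpath(public_dir)
  # Percent-decode first so an encoded "../" is visible to the check.
  decoded = request_path.b.gsub(/%([0-9a-fA-F]{2})/) { $1.hex.chr }
  decoded.force_encoding(Encoding::UTF_8)
  return nil if decoded.include?("\0")
  # Expand before comparing: collapses "..", "." and repeated slashes.
  candidate = File.expand_path(File.join(root, decoded))
  # Require root + separator so a sibling like "public_evil" does not match.
  return nil unless candidate.start_with?(root + File::SEPARATOR)
  return nil unless File.file?(candidate)
  # Resolve symlinks and re-check, so a link inside public_dir cannot point out.
  real = File.realpath(candidate)
  real.start_with?(root + File::SEPARATOR) ? real : nil
end

# Constructed sample tree: public/index.html, plus files outside public/.
def build_demo_tree
  base = File.realpath(Dir.mktmpdir("static-demo"))
  FileUtils.mkdir_p([File.join(base, "public"), File.join(base, "public_evil")])
  File.write(File.join(base, "public", "index.html"), "hello")
  File.write(File.join(base, "secret.txt"), "outside")
  File.write(File.join(base, "public_evil", "x.txt"), "sibling")
  File.symlink(File.join(base, "secret.txt"), File.join(base, "public", "link.txt"))
  File.join(base, "public")
end

if __FILE__ == $PROGRAM_NAME
  pub = build_demo_tree
  ["/index.html", "/../secret.txt", "/%2e%2e/secret.txt",
   "/../public_evil/x.txt", "/link.txt"].each do |req|
    puts format("%-24s -> %s", req, resolve_static(pub, req) ? "served" : "rejected")
  end
end
```

A plain `start_with?(root)` comparison without the trailing separator would accept the `public_evil` sibling directory, which is why the prefix includes `File::SEPARATOR`.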

This article has been indexed from LinuxSecurity.com – Hybrid RSS
