CVE-2013-0262: Symlink path traversal in Rack::File
(updated )
Affected versions allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka “symlink path traversals.”
References
Detect and mitigate CVE-2013-0262 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →