CVE-2022-29970
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
Date published : 2022-05-02
https://github.com/sinatra/sinatra/pull/1683/commits/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
Date published : 2022-05-02
https://github.com/sinatra/sinatra/pull/1683/commits/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e