CVE-2020-8161
Published: 2020-07-02
Priority: P3 · 47 · high
CVSS 3.1: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
EPSS: 3.59% (88.0th percentile)
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal in the Rack::Directory app that is bundled with Rack, which could result in information disclosure.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | ruby-rack | < ruby-rack 2.1.1-5 (bookworm) | ruby-rack 2.1.1-5 (bookworm) |
| https | github.com_rack_rack | — | — |
| rack | rack | >= 0 < 2.1.3 | 2.1.3 |
| rack_project | rack | < 2.2.0 | 2.2.0 |
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 8.6 | HIGH | — |
| vendor_debian | — | 8.6 | HIGH | — |
| vendor_redhat | — | 8.6 | HIGH | — |
| vendor_ubuntu | — | 8.6 | HIGH | — |
OSV · ruby-rack vulnerabilities · 2021-04-06 · CVSS 8.6 · CVE-2020-8161 [HIGH]
USN-4561-1 fixed vulnerabilities in Rack. This update provides the
corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10.
Original advisory details:
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
OSV · ruby-rack vulnerabilities · 2020-09-30 · CVSS 8.6 · CVE-2020-8161 [HIGH]
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
GHSA · Directory traversal in Rack::Directory app bundled with Rack · 2020-07-06 · CVE-2020-8161 [HIGH] · CWE-22
OSV · Directory traversal in Rack::Directory app bundled with Rack · 2020-07-06 · CVE-2020-8161 [HIGH]
OSV · CVE-2020-8161: A directory traversal vulnerability exists in rack < 2 · 2020-07-02 · CVSS 8.6 · CVE-2020-8161 [HIGH]
Ubuntu · Rack vulnerabilities · 2021-04-06 · CVSS 8.6 · CVE-2020-8161 [HIGH]
Title: Rack vulnerabilities
Summary: Rack could be made to expose sensitive information over the network.
USN-4561-1 fixed vulnerabilities in Rack. This update provides the
corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10.
Original advisory details:
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu · Rack vulnerabilities · 2020-09-30 · CVSS 8.6 · CVE-2020-8161 [HIGH]
Title: Rack vulnerabilities
Summary: Rack could be made to expose sensitive information over the network.
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat · rubygem-rack: directory traversal in Rack::Directory · 2020-05-12 · CVSS 8.6 · CVE-2020-8161 [HIGH] · CWE-22
A directory traversal vulnerability was found in the Rack::Directory app that is bundled with Rack. If certain directories exist in a directory managed by Rack::Directory, this flaw allows an attacker to read the contents of files on the server outside of the root specified in the Rack::Directory initializer. The highest threat from this vulnerability is to confidentiality.
Statement: Because the following products package the flawed code, but do not use its functionality (Rack::Directory), their impact has been
Debian · CVE-2020-8161: ruby-rack - A directory traversal vulnerability exists in rack < 2.2.0 that allows an attack... · 2020 · CVSS 8.6 · CVE-2020-8161 [HIGH]
Scope: local
bookworm: resolved (fixed in 2.1.1-5)
bullseye: resolved (fixed in 2.1.1-5)
forky: resolved (fixed in 2.1.1-5)
sid: resolved (fixed in 2.1.1-5)
trixie: resolved (fixed in 2.1.1-5)
No detection rules found.
No public exploits indexed.
Bugzilla · CVE-2020-8161 rubygem-rack: directory traversal in Rack::Directory [fedora-all] · 2020-05-20 · CVSS 8.6 · CVE-2020-8161 [HIGH]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
Bugzilla · CVE-2020-8161 rubygem-rack: directory traversal in Rack::Directory · 2020-05-20 · CVSS 8.6 · CVE-2020-8161 [HIGH]
There was a possible directory traversal vulnerability in the Rack::Directory app that is bundled with Rack. If certain directories exist in a directory that is managed by `Rack::Directory`, an attacker could, using this vulnerability, read the contents of files on the server that were outside of the root specified in the Rack::Directory initializer.
Reference:
https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ
Discussion:
Created rubygem-rack tracking bugs for this issue:
Affects: epel-all [bug 1838283]
Affects: fedora-all [bug 1838282]
---
Upstream patches:
https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e
https://github.com/rack/rack/commit/775c836bdd25b63
Bugzilla · CVE-2020-8161 rubygem-rack: directory traversal in Rack::Directory [epel-all] · 2020-05-20 · CVSS 8.6 · CVE-2020-8161 [HIGH]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions o
References:
https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA
https://hackerone.com/reports/434404
https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html
https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html
https://usn.ubuntu.com/4561-1/

Published: 2020-07-02