CVE-2020-8161

Description

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.

CVSS Metrics

• v3.1•HIGH•Score: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
• v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.91%• Percentile: 76%

Techniques & Countermeasures

• CWE-22•Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

  The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

• CWE-548•Exposure of Information Through Directory Listing

  The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.

Affected Systems

• canonical•ubuntu_linux

  18.04

• debian•debian_linux

  9.0 | 10.0

• rack_project•rack

  < 2.2.0

References (5)

• https://hackerone.com/reports/434404
• https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA
• https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html
• https://usn.ubuntu.com/4561-1/
• https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html