[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-8161":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":47,"aliases":48,"duplicate_of":9,"upstream":49,"downstream":50,"duplicates":73,"related":74,"reserved_at":9,"published_at":78,"modified_at":79,"state":80,"summary":81,"references_raw":90,"kevs":117,"epss":118,"epss_history":121,"metrics":390,"affected":400},"CVE-2020-8161","A directory traversal vulnerability exists in rack \u003C 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.",null,[11,40],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],{"_key":41,"id":41,"name":42,"description":43,"type":15,"status":44,"abstraction":45,"likelihood_of_exploit":9,"capec":46},"CWE-548","Exposure of Information Through Directory Listing","The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.","Draft","Variant",[],[],[],[],[51,53,55,57,59,61,63,65,67,69,71],{"_key":52},"SUSE-SU-2020:2678-1",{"_key":54},"UBUNTU-CVE-2020-8161",{"_key":56},"USN-4561-1",{"_key":58},"USN-4561-2",{"_key":60},"SUSE-SU-2022:3347-1",{"_key":62},"DLA-2216-1",{"_key":64},"DLA-2275-1",{"_key":66},"DLA-3298-1",{"_key":68},"MGASA-2020-0252",{"_key":70},"DEBIAN-CVE-2020-8161",{"_key":72},"RHSA-2020:4366",[],[75,76,77],{"_key":52},{"_key":60},{"_key":68},"2020-07-02T00:00:00.000Z","2024-08-04T09:48:25.656Z","Modified",{"cisa_kev":82,"cisa_ransomware":82,"cisa_vendor":9,"epss_severity":83,"epss_score":84,"severity":85,"severity_score":86,"severity_version":87,"severity_source":88,"severity_vector":89,"severity_status":80},false,"low",0.00907,"high",8.6,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",[91,98,104,108,113],{"url":92,"sources":93,"tags":95},"https://hackerone.com/reports/434404",[94,88],"cve.org",[96,97],"Permissions Required","Third Party Advisory",{"url":99,"sources":100,"tags":101},"https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA",[94,88],[102,103,97],"Mailing List","Patch",{"url":105,"sources":106,"tags":107},"https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html",[94,88],[102,97],{"url":109,"sources":110,"tags":111},"https://usn.ubuntu.com/4561-1/",[94,88],[112,97],"Vendor Advisory",{"url":114,"sources":115,"tags":116},"https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html",[94,88],[102,97],[],{"date":119,"score":84,"percentile":120},"2026-06-04",0.76149,[122,126,129,132,135,138,141,144,147,150,153,156,159,162,164,168,171,174,177,180,183,185,188,191,193,196,199,202,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,285,288,291,294,297,300,303,306,309,311,314,317,320,323,326,329,332,334,337,340,343,346,348,351,354,357,360,363,366,369,372,375,378,380,383,386],{"date":123,"score":124,"percentile":125},"2025-11-04",0.00475,0.63969,{"date":127,"score":124,"percentile":128},"2025-11-05",0.6395,{"date":130,"score":124,"percentile":131},"2025-11-06",0.63952,{"date":133,"score":124,"percentile":134},"2025-11-07",0.63963,{"date":136,"score":124,"percentile":137},"2025-11-08",0.63967,{"date":139,"score":124,"percentile":140},"2025-11-09",0.63959,{"date":142,"score":124,"percentile":143},"2025-11-10",0.63944,{"date":145,"score":124,"percentile":146},"2025-11-11",0.63955,{"date":148,"score":124,"percentile":149},"2025-11-12",0.63977,{"date":151,"score":124,"percentile":152},"2025-11-13",0.63985,{"date":154,"score":124,"percentile":155},"2025-11-14",0.63992,{"date":157,"score":124,"percentile":158},"2025-11-15",0.63987,{"date":160,"score":124,"percentile":161},"2025-11-16",0.63979,{"date":163,"score":124,"percentile":149},"2025-11-17",{"date":165,"score":166,"percentile":167},"2025-11-18",0.00708,0.69943,{"date":169,"score":166,"percentile":170},"2025-11-19",0.69952,{"date":172,"score":166,"percentile":173},"2025-11-20",0.6996,{"date":175,"score":124,"percentile":176},"2025-11-21",0.63984,{"date":178,"score":124,"percentile":179},"2025-11-22",0.6399,{"date":181,"score":124,"percentile":182},"2025-11-23",0.63973,{"date":184,"score":124,"percentile":134},"2025-11-24",{"date":186,"score":124,"percentile":187},"2025-11-25",0.63965,{"date":189,"score":124,"percentile":190},"2025-11-26",0.63968,{"date":192,"score":124,"percentile":182},"2025-11-27",{"date":194,"score":124,"percentile":195},"2025-11-28",0.63951,{"date":197,"score":124,"percentile":198},"2025-11-29",0.63921,{"date":200,"score":124,"percentile":201},"2025-11-30",0.63914,{"date":203,"score":204,"percentile":205},"2025-12-01",0.0042,0.6134,{"date":207,"score":204,"percentile":208},"2025-12-02",0.61353,{"date":210,"score":204,"percentile":211},"2025-12-03",0.61356,{"date":213,"score":124,"percentile":214},"2025-12-04",0.63926,{"date":216,"score":124,"percentile":217},"2025-12-05",0.63939,{"date":219,"score":124,"percentile":220},"2025-12-06",0.63938,{"date":222,"score":124,"percentile":223},"2025-12-07",0.63931,{"date":225,"score":124,"percentile":226},"2025-12-08",0.63937,{"date":228,"score":124,"percentile":229},"2025-12-09",0.63971,{"date":231,"score":124,"percentile":232},"2025-12-10",0.64017,{"date":234,"score":124,"percentile":235},"2025-12-11",0.64034,{"date":237,"score":124,"percentile":238},"2025-12-12",0.64053,{"date":240,"score":124,"percentile":241},"2025-12-13",0.64058,{"date":243,"score":124,"percentile":244},"2025-12-14",0.64057,{"date":246,"score":124,"percentile":247},"2025-12-15",0.64051,{"date":249,"score":124,"percentile":250},"2025-12-16",0.64066,{"date":252,"score":124,"percentile":253},"2025-12-17",0.64081,{"date":255,"score":124,"percentile":256},"2025-12-18",0.64116,{"date":258,"score":124,"percentile":259},"2025-12-19",0.64133,{"date":261,"score":124,"percentile":262},"2025-12-20",0.64131,{"date":264,"score":124,"percentile":265},"2025-12-21",0.64121,{"date":267,"score":124,"percentile":268},"2025-12-22",0.64115,{"date":270,"score":124,"percentile":271},"2025-12-23",0.64123,{"date":273,"score":124,"percentile":274},"2025-12-24",0.6413,{"date":276,"score":124,"percentile":277},"2025-12-25",0.64155,{"date":279,"score":124,"percentile":280},"2025-12-26",0.64157,{"date":282,"score":283,"percentile":284},"2025-12-27",0.00362,0.57822,{"date":286,"score":124,"percentile":287},"2025-12-28",0.64132,{"date":289,"score":124,"percentile":290},"2025-12-29",0.64122,{"date":292,"score":124,"percentile":293},"2025-12-30",0.64138,{"date":295,"score":124,"percentile":296},"2025-12-31",0.64164,{"date":298,"score":204,"percentile":299},"2026-01-01",0.61613,{"date":301,"score":204,"percentile":302},"2026-01-02",0.61601,{"date":304,"score":204,"percentile":305},"2026-01-03",0.61597,{"date":307,"score":124,"percentile":308},"2026-01-04",0.64162,{"date":310,"score":124,"percentile":280},"2026-01-05",{"date":312,"score":124,"percentile":313},"2026-01-06",0.64153,{"date":315,"score":124,"percentile":316},"2026-01-07",0.64173,{"date":318,"score":124,"percentile":319},"2026-01-08",0.64195,{"date":321,"score":124,"percentile":322},"2026-01-09",0.64194,{"date":324,"score":124,"percentile":325},"2026-01-10",0.64192,{"date":327,"score":124,"percentile":328},"2026-01-11",0.64182,{"date":330,"score":124,"percentile":331},"2026-01-12",0.64166,{"date":333,"score":124,"percentile":296},"2026-01-13",{"date":335,"score":124,"percentile":336},"2026-01-14",0.64201,{"date":338,"score":124,"percentile":339},"2026-01-15",0.64216,{"date":341,"score":124,"percentile":342},"2026-01-16",0.64236,{"date":344,"score":124,"percentile":345},"2026-01-17",0.64226,{"date":347,"score":124,"percentile":339},"2026-01-18",{"date":349,"score":124,"percentile":350},"2026-01-19",0.64204,{"date":352,"score":124,"percentile":353},"2026-01-20",0.64219,{"date":355,"score":124,"percentile":356},"2026-01-21",0.64228,{"date":358,"score":124,"percentile":359},"2026-01-22",0.64235,{"date":361,"score":124,"percentile":362},"2026-01-23",0.64264,{"date":364,"score":124,"percentile":365},"2026-01-24",0.6427,{"date":367,"score":124,"percentile":368},"2026-01-25",0.64237,{"date":370,"score":124,"percentile":371},"2026-01-26",0.64223,{"date":373,"score":124,"percentile":374},"2026-01-27",0.64232,{"date":376,"score":124,"percentile":377},"2026-01-28",0.64241,{"date":379,"score":124,"percentile":377},"2026-01-29",{"date":381,"score":124,"percentile":382},"2026-01-30",0.6425,{"date":384,"score":124,"percentile":385},"2026-01-31",0.64254,{"date":387,"score":388,"percentile":389},"2026-02-01",0.00705,0.71783,[391],{"source":88,"cvss_v2_0":392,"cvss_v3_0":9,"cvss_v3_1":397,"cvss_v4_0":9},{"baseScore":393,"baseSeverity":9,"vectorString":394,"impactScore":395,"exploitabilityScore":396},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":86,"baseSeverity":398,"vectorString":89,"impactScore":399,"exploitabilityScore":396},"HIGH",6.7,[401,410,419],{"ecosystem":9,"name":402,"vendor":403,"product":404,"cpe_part":405,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":406},"ubuntu linux","canonical","ubuntu_linux","o",[407],{"version":408,"is_range":82,"range_type":409,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04","cpe",{"ecosystem":9,"name":411,"vendor":412,"product":413,"cpe_part":405,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":414},"debian linux","debian","debian_linux",[415,417],{"version":416,"is_range":82,"range_type":409,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"version":418,"is_range":82,"range_type":409,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":420,"vendor":421,"product":420,"cpe_part":422,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":423},"rack","rack_project","a",[424],{"version":425,"is_range":426,"range_type":409,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":428,"fixed_in":9},"lt2.2.0",true,"2.2.0","excluding"]