Rack Cors Middleware
1 CVEs
product
Monthly
rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Rack Cors Middleware
NVD
GitHub
CVSS 3.1
9.1
EPSS
0.8%
CVE-2024-27456
Ruby
EPSS 1%
CVSS 9.1
CRITICAL
POC
PATCH
Act Now
rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Rack Cors Middleware
NVD
GitHub