sinatra vulnerabilities

Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.

Latest version: 2.0.5

Licenses detected

  • license: Unknown < 1.4.5, >= 0.1.0
  • license: MIT >= 1.4.5
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the sinatra package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • M
Cross-site Scripting (XSS)
<2.0.2 Not available 04 Jun, 2018
  • M
Directory Traversal
>=2.0,<2.0.1 Not available 22 Feb, 2018
  • M
Timing Attack
>=2.0.0.beta1, <2.0.0,<1.5.5 Not available 10 Jan, 2018
  • M
Cross-site Scripting (XSS)
<1.4.6, >=1.4.0.a Not available 10 Jan, 2018
  • M
Session Fixation
<1.2.1 Not available 10 Jan, 2018