sinatra vulnerabilities

Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.

Latest version: 2.0.4

View on RubyGems.org

Licenses detected

  • license: Unknown < 1.4.5, >= 0.1.0
  • license: MIT >=1.4.5
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications
Vulnerability Vulnerable versions Snyk patch Published
  • M
Cross-site Scripting (XSS)
<2.0.2 Not available 04 Jun, 2018
  • M
Directory Traversal
>=2.0,<2.0.1 Not available 22 Feb, 2018
  • M
Timing Attack
>=2.0.0.beta1, <2.0.0,<1.5.5 Not available 10 Jan, 2018
  • M
Cross-site Scripting (XSS)
<1.4.6, >=1.4.0.a Not available 10 Jan, 2018
  • M
Session Fixation
<1.2.1 Not available 10 Jan, 2018