VYPR
High severityNVD Advisory· Published Jul 27, 2021· Updated Aug 3, 2024

CVE-2021-28966

CVE-2021-28966

Description

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tmpdirRubyGems
< 0.1.20.1.2

Affected products

4

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.