VYPR

Cassandra Web

by RubyGems

Source repositories

CVEs (1)

  • CVE-2020-36939HigJan 27, 2026
    risk 0.56cvss 7.5epss 0.02

    Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. Attackers can exploit the disabled Rack::Protection module to read sensitive system files like /etc/passwd…