Package impact
RubyGems / sinatra
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29970 | high | — | 8.0 | | | | 4y ago | RHSA-2022:4661: pcs security update (Important) |
| CVE-2024-21510 | medium | — | 5.5 | | | | 2y ago | RHSA-2024:10987: pcs security update (Moderate) |
| CVE-2022-45442 | medium | — | 5.5 | | | | 4y ago | RHSA-2023:0855: pcs security update (Moderate) |
| CVE-2025-61921 | unknown | — | — | | | | 8mo ago | Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsin… |
| CVE-2018-11627 | unknown | — | — | | | | 8y ago | Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. |
| CVE-2018-7212 | unknown | — | — | | | | 8y ago | Sinatra Path Traversal vulnerability |