CVE-2021-28966: Tempfile on Windows path traversal vulnerability
Severity: HIGH 7.5 | EPSS: 0.25%
Published: 5/6/2021 | Modified: 12/3/2025
Description
In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.
Affected packages (4)
- Alpine/ruby: from 0, < 2.5.9-r0
- Bitnami/ruby: from 0, < 2.7.3; >= 3.0.0, < 3.0.1
- Bitnami/ruby-min: from 0, < 2.7.3; >= 3.0.0, < 3.0.1
- RubyGems/tmpdir: from 0, < 0.1.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References (11)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2021-28966
- ADVISORY: https://security.alpinelinux.org/vuln/CVE-2021-28966
- PATCH: https://github.com/ruby/tmpdir
- WEB: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/tmpdir/CVE-2021-28966.yml
- WEB: https://github.com/ruby/tmpdir/commit/93798c01cb7c10476e50a4d80130a329ba47f348
- WEB: https://github.com/ruby/tmpdir/pull/8
- WEB: https://hackerone.com/reports/1131465
- WEB: https://rubygems.org/gems/tmpdir
- WEB: https://security.netapp.com/advisory/ntap-20210902-0004
- WEB: https://security.netapp.com/advisory/ntap-20210902-0004/
- WEB: https://www.ruby-lang.org/en/news/2021/04/05/tempfile-path-traversal-on-windows-cve-2021-28966