CVE-2026-34763
MEDIUM5.3EPSS 0.04%Rack has a root directory disclosure via unescaped regex interpolation in Rack::Directory
發布日:2026/4/2修改日:2026/4/28
描述
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path directly into a regular expression when deriving the displayed directory path. If root contains regex metacharacters such as +, *, or ., the prefix stripping can fail and the generated directory listing may expose the full filesystem path in the HTML output. This issue has been patched in versions 2.2.23, 3.1.21, and 3.2.6.
受影響套件(2)
- Debian/ruby-rackfrom 0
- RubyGems/rackfrom 0, < 2.2.23
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-34763
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2026-34763
- PATCHhttps://github.com/rack/rack
- WEBhttps://github.com/rack/rack/security/advisories/GHSA-7mqq-6cf9-v2qp
- WEBhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2026-34763.yml