Release | Version |
---|---|
jessie | 1.4.5-1 |
stretch | 1.4.7-5+deb9u2 |
buster | 2.0.5-4+deb10u2 |
bullseye | 2.0.8.1-2 |
bullseye (security) | 2.0.8.1-2+deb11u1 |
bookworm | 3.0.5-3 |
trixie | 3.2.0-1 |
sid | 3.2.0-1 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2024-21510 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, ignored) | vulnerable | vulnerable | Versions of the package sinatra from 0.0.0 are vulnerable to Reliance ... |
CVE-2022-45442 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Sinatra is a domain-specific language for creating web applications in ... |
CVE-2022-29970 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Sinatra before 2.2.0 does not validate that the expanded path matches ... |
Bug | Description |
---|---|
CVE-2018-11627 | Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs ... |
DSA / DLA | Description |
---|---|
DLA-3877-1 | ruby-sinatra - security update |
ELA-787-1 | ruby-sinatra - security update |
DLA-3264-1 | ruby-sinatra - security update |
DLA-3166-1 | ruby-sinatra - security update |
ELA-638-1 | ruby-sinatra - security update |