CVE-2024-22050

Published January 4th, 2024

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.

boazsegev/iodine

iodine - HTTP / WebSockets Server for Ruby with Pub/Sub support

GitHub

937