VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-wt7k-s1yd-nke6

Essentials
Severities (26)
References (21)
Severity details (18)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-wt7k-s1yd-nke6
Aliases	CVE-2025-27610 GHSA-7wqh-767x-r66v
Summary	Local File Inclusion in Rack::Static ## Summary `Rack::Static` can serve files under the specified `root:` even if `urls:` are provided, which may expose other files under the specified `root:` unexpectedly. ## Details The vulnerability occurs because `Rack::Static` does not properly sanitize user-supplied paths before serving files. Specifically, encoded path traversal sequences are not correctly validated, allowing attackers to access files outside the designated static file directory. ## Impact By exploiting this vulnerability, an attacker can gain access to all files under the specified `root:` directory, provided they are able to determine then path of the file. ## Mitigation - Update to the latest version of Rack, or - Remove usage of `Rack::Static`, or - Ensure that `root:` points at a directory path which only contains files which should be accessed publicly. It is likely that a CDN or similar static file server would also mitigate the issue.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-23	Relative Path Traversal
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27610.json
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
epss	0.00415	https://api.first.org/data/v1/epss?cve=CVE-2025-27610
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-7wqh-767x-r66v
cvssv3.1	7.5	https://github.com/rack/rack
generic_textual	HIGH	https://github.com/rack/rack
cvssv3.1	7.5	https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583
generic_textual	HIGH	https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583
ssvc	Track	https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583
cvssv3	7.5	https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
cvssv3.1	7.5	https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
cvssv3.1_qr	HIGH	https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
generic_textual	HIGH	https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
ssvc	Track	https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
cvssv3.1	7.5	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-27610.yml
generic_textual	HIGH	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-27610.yml
cvssv3.1	7.5	https://lists.debian.org/debian-lts-announce/2025/03/msg00016.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2025/03/msg00016.html
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2025-27610
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2025-27610

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27610.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-27610
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27610
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/rack/rack
		https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583
		https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
		https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-27610.yml
		https://lists.debian.org/debian-lts-announce/2025/03/msg00016.html
		https://nvd.nist.gov/vuln/detail/CVE-2025-27610
1100444		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100444
2351231		https://bugzilla.redhat.com/show_bug.cgi?id=2351231
GHSA-7wqh-767x-r66v		https://github.com/advisories/GHSA-7wqh-767x-r66v
RHSA-2025:3448		https://access.redhat.com/errata/RHSA-2025:3448
RHSA-2025:3490		https://access.redhat.com/errata/RHSA-2025:3490
RHSA-2025:3491		https://access.redhat.com/errata/RHSA-2025:3491
RHSA-2025:3492		https://access.redhat.com/errata/RHSA-2025:3492
RHSA-2025:3906		https://access.redhat.com/errata/RHSA-2025:3906
RHSA-2025:4576		https://access.redhat.com/errata/RHSA-2025:4576
USN-7366-1		https://usn.ubuntu.com/7366-1/
USN-7366-2		https://usn.ubuntu.com/7366-2/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27610.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/rack/rack

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-11T15:22:45Z/ Found at https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-11T15:22:45Z/ Found at https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-27610.yml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.debian.org/debian-lts-announce/2025/03/msg00016.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2025-27610

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.61611
EPSS Score	0.00415
Published At	April 7, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:56:10.586790+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-7wqh-767x-r66v/GHSA-7wqh-767x-r66v.json	38.0.0