Description
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.23)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.6)
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
MySQL CVE-2020-2780 Vulnerability (CVE-2020-2780)
WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)