Description
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
Remediation
References
Related Vulnerabilities
OpenSSL Improper Input Validation Vulnerability (CVE-2010-0433)
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.29)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-12171)
WordPress Plugin Duplicator-WordPress Migration Unspecified Vulnerability (1.1.34)