A vulnerability in Rack's Sendfile middleware allows attackers to inject escape sequences into log files through unsanitized header values, which can lead to log manipulation and obscured attack traces. To mitigate the risk, update to the latest Rack version or stop using Rack::Sendfile.

From rubysec.com