An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-7212
https://github.com/…