Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-6109HistoryMar 01, 2013 - 5:40 a.m.
CVE-2012-6109
2013-03-0105:40:00
Debian Security Bug Tracker
security-tracker.debian.org
12
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.2%
lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ruby-rack | < 1.4.1-2.1 | ruby-rack_1.4.1-2.1_all.deb |
| Debian | 11 | all | ruby-rack | < 1.4.1-2.1 | ruby-rack_1.4.1-2.1_all.deb |
| Debian | 10 | all | ruby-rack | < 1.4.1-2.1 | ruby-rack_1.4.1-2.1_all.deb |
| Debian | 999 | all | ruby-rack | < 1.4.1-2.1 | ruby-rack_1.4.1-2.1_all.deb |
| Debian | 13 | all | ruby-rack | < 1.4.1-2.1 | ruby-rack_1.4.1-2.1_all.deb |
Related
prion
prion
Design/Logic Flaw
2013-03-01 05:40:00
osv
osv
Rack vulnerable to REDoS
2017-10-24 18:33:37
ubuntucve
ubuntucve
CVE-2012-6109
2013-03-01 00:00:00
veracode
veracode
Denial Of Service (DoS) Infinite Loop
2019-01-15 08:58:11
github
github
Rack vulnerable to REDoS
2017-10-24 18:33:37
cve
cve
CVE-2012-6109
2013-03-01 05:40:00
rubygems
rubygems
CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS
2012-05-03 20:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-rack-1.4.0-4.fc18
2013-01-25 21:37:50
[SECURITY] Fedora 17 Update: rubygem-rack-1.4.0-3.fc17
2013-01-25 21:44:01
[SECURITY] Fedora 16 Update: rubygem-rack-1.3.0-3.fc16
2013-01-25 21:34:26
nessus
nessus
Fedora 18 : rubygem-rack-1.4.0-4.fc18 (2013-0837)
2013-01-28 00:00:00
Fedora 17 : rubygem-rack-1.4.0-3.fc17 (2013-0861)
2013-01-28 00:00:00
Fedora 16 : rubygem-rack-1.3.0-3.fc16 (2013-0896)
2013-01-28 00:00:00
openvas
openvas
Fedora Update for rubygem-rack FEDORA-2013-0837
2013-01-28 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-0837
2013-01-28 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-0861
2013-01-28 00:00:00
gentoo
gentoo
Rack: Multiple vulnerabilities
2014-05-17 00:00:00
redhat
redhat
(RHSA-2013:0544) Important: Subscription Asset Manager 1.2 update
2013-02-21 00:00:00
suse
suse
Security update for rubygem-merb-core (important)
2013-03-20 17:04:42
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.2%
Related for DEBIANCVE:CVE-2012-6109