Lucene search
FreeBSDFCFDABB7-F14D-4E61-A7D5-CFEFB4B99B15HistoryFeb 08, 2013 - 12:00 a.m.
Ruby Rack Gem -- Multiple Issues
2013-02-0800:00:00
vuxml.freebsd.org
13
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.084 Low
EPSS
Percentile
94.3%
Rack developers report:
Today we are proud to announce the release of Rack 1.4.5.
Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
Fix CVE-2013-0262, symlink path traversal in Rack::File
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | rubygem18-rack | < 1.4.5 | UNKNOWN |
| FreeBSD | any | noarch | rubygem19-rack | < 1.4.5 | UNKNOWN |
Related
nessus
nessus
Fedora 18 : rubygem-rack-1.4.0-5.fc18 (2013-2306)
2013-05-08 00:00:00
Fedora 17 : rubygem-rack-1.4.0-4.fc17 (2013-2315)
2013-05-08 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-rack-1.4.0-5.fc18
2013-05-07 18:33:02
[SECURITY] Fedora 17 Update: rubygem-rack-1.4.0-4.fc17
2013-05-07 18:29:19
ubuntucve
ubuntucve
CVE-2013-0262
2013-02-08 00:00:00
CVE-2013-0263
2013-02-08 00:00:00
github
github
Rack Vulnerable to Path Traversal
2017-10-24 18:33:37
Rack arbitrary code execution via timing attack
2022-05-05 02:48:42
openvas
openvas
Fedora Update for rubygem-rack FEDORA-2013-2306
2013-05-09 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-2315
2013-05-09 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-2315
2013-05-09 00:00:00
gentoo
gentoo
Rack: Multiple vulnerabilities
2014-05-17 00:00:00
prion
prion
Directory traversal
2013-02-08 20:55:00
Code injection
2013-02-08 20:55:00
cve
cve
CVE-2013-0262
2013-02-08 20:55:00
CVE-2013-0263
2013-02-08 20:55:00
debiancve
debiancve
CVE-2013-0262
2013-02-08 20:55:00
CVE-2013-0263
2013-02-08 20:55:00
veracode
veracode
Arbitrary File Access Using A Symlink Attack
2019-01-15 09:00:19
Input Validation Bypass
2019-05-02 04:44:00
Cross-Site Request Forgery (CSRF)
2019-05-02 04:44:00
osv
osv
Rack arbitrary code execution via timing attack
2022-05-05 02:48:42
Rack Vulnerable to Path Traversal
2017-10-24 18:33:37
librack-ruby - several
2013-10-21 00:00:00
rubygems
rubygems
CVE-2013-0262 rubygem-rack: Path sanitization information disclosure
2013-02-06 20:00:00
CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions
2013-02-06 20:00:00
redhat
redhat
(RHSA-2013:0638) Moderate: Red Hat OpenShift Enterprise 1.1.2 update
2013-03-12 00:00:00
(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update
2013-03-26 00:00:00
debian
debian
[SECURITY] [DSA 2783-1] librack-ruby security update
2013-10-21 19:20:25
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-24 19:29:38
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-24 19:29:38
securityvulns
securityvulns
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-28 00:00:00
Librack multiple security vulnerabilities
2013-10-28 00:00:00
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.084 Low
EPSS
Percentile
94.3%
Related for FCFDABB7-F14D-4E61-A7D5-CFEFB4B99B15