15 matches found

Wolfi
added 2026/04/04 7:48 a.m. | 7 views

CVE-2025-32441 vulnerabilities

Vulnerabilities for packages: ruby3.3-rack, ruby3.4-rack, ruby3.2-rack, ruby4.0-rack...

CVSS 4.2 | AI score 5.9 | EPSS 0.00193 | Exploits 0
OpenVAS
added 2025/11/13 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the...

CVSS 7.5 | AI score 7.6 | EPSS 0.35376 | Exploits 3 | References 29
Tenable Nessus
added 2025/11/02 12:0 a.m. | 9 views

Debian dla-4357 : ruby-rack - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4357 advisory. Debian LTS Advisory DLA-4357-1...

CVSS 7.5 | AI score 6.7 | EPSS 0.00911 | Exploits 0 | References 18
OpenVAS
added 2025/08/01 12:0 a.m. | 4 views

openSUSE Security Advisory (SUSE-SU-2025:02564-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 6
OpenVAS
added 2025/08/01 12:0 a.m. | 7 views

SUSE: Security Advisory (SUSE-SU-2025:02564-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 6
Tenable Nessus
added 2025/08/01 12:0 a.m. | 3 views

SUSE SLES15 / openSUSE 15 Security Update : rmt-server (SUSE-SU-2025:02564-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02564-1 advisory. - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack::QueryParser. bsc1242893 -...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 8
OpenVAS
added 2025/07/24 12:0 a.m. | 5 views

SUSE: Security Advisory (SUSE-SU-2025:02429-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 10
Tenable Nessus
added 2025/07/22 12:0 a.m. | 5 views

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2025:02429-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02429-1 advisory. - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack::QueryParser. bsc1242893 - CVE-2025-32441: Fixed a...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 12
Tenable Nessus
added 2025/07/17 12:0 a.m. | 4 views

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2025:02329-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02329-1 advisory. - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack::QueryParser. bsc1242893 - CVE-2025-32441: Fixed a...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 12
Tenable Nessus
added 2025/07/17 12:0 a.m. | 6 views

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2025:02330-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02330-1 advisory. - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack::QueryParser. bsc1242893 - CVE-2025-32441: Fixed a...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 8
OpenVAS
added 2025/05/22 12:0 a.m. | 12 views

openSUSE Security Advisory (SUSE-SU-2025:01586-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 5
OpenVAS
added 2025/05/19 12:0 a.m. | 5 views

Ubuntu: Security Advisory (USN-7507-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00911 | Exploits 0 | References 2
NVD
added 2025/05/07 11:15 p.m. | 23 views

CVE-2025-32441

Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the Rack::Session::Pool middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the...

CVSS 4.2 | EPSS 0.00193 | Exploits 0 | References 3
Vulnrichment
added 2025/05/07 11:1 p.m. | 11 views

CVE-2025-32441 Rack session gets restored after deletion

Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the Rack::Session::Pool middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the...

CVSS 4.2 | AI score 4.4 | EPSS 0.00193 | Exploits 0 | References 3
CVE
added 2025/05/07 11:1 p.m. | 89 views

CVE-2025-32441

CVE-2025-32441 affects the Rack Ruby web server interface. Before 2.2.14, when using the Rack::Session::Pool middleware, concurrent requests can cause a deleted session to be restored, enabling an unauthenticated user to reuse that session. The exploitation scenario requires an attacker to obtain...

CVSS 4.2 | AI score 4.4 | EPSS 0.00193 | Exploits 0 | References 3 | Affected Software 1