13 matches found

Tenable Nessus
added 2026/03/06 12:0 a.m. | 3 views

MiracleLinux 9 : pcs-0.11.10-1.el9_7.1.ML.1 (AXSA:2026-257:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-257:03 advisory. rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830); rack: Rack's...

CVSS 7.5 | AI score 5.9 | EPSS 0.00868
Exploits 0 | References 6

Tenable Nessus
added 2026/01/13 12:0 a.m. | 5 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.7.ML.1 (AXSA:2025-11087:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11087:08 advisory. rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830); rack: Rack's...

CVSS 7.5 | AI score 7.3 | EPSS 0.00868
Exploits 0 | References 6

Tenable Nessus
added 2025/12/03 12:0 a.m. | 3 views

Oracle Linux 9 : pcs (ELSA-2025-20962)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20962 advisory. - Fixed CVE-2025-59830, CVE-2025-61770, CVE-2025-61771, CVE-2025-61772, CVE-2025-61919 by updating bundled rubygem rack Resolves: RHEL-120945,...

CVSS 7.5 | AI score 7.2 | EPSS 0.00868
Exploits 0 | References 6

OpenVAS
added 2025/11/13 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the...

CVSS 7.5 | AI score 7.6 | EPSS 0.35376
Exploits 3 | References 29

AlmaLinux
added 2025/11/11 12:0 a.m. | 5 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830); rack: Rack's unbounded multipart preamble...

CVSS 7.5 | AI score 6.9 | EPSS 0.00868
Exploits 0 | References 12

OSV
added 2025/11/06 9:6 a.m. | 7 views

RLSA-2025:19512 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830); rack: Rack's unbounded multipart preamble...

CVSS 7.5 | AI score 6.9 | EPSS 0.00868
Exploits 0 | References 6

RedHat Linux
added 2025/11/05 11:49 p.m. | 11 views

Important: Red Hat Security Advisory: Satellite 6.17.6 Async Update

A new release is now available for Red Hat Satellite 6.17 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 8 | AI score 6.8 | EPSS 0.00591
Exploits 0 | References 12

OSV
added 2025/11/04 12:0 a.m. | 8 views

ALSA-2025:19719 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830); rack: Rack's unbounded multipart preamble...

CVSS 7.5 | AI score 6.9 | EPSS 0.00868
Exploits 0 | References 12

Oracle Linux
added 2025/11/03 12:0 a.m. | 8 views

pcs security update

0.11.9-2.el96.2 - Fixed CVE-2025-59830, CVE-2025-61770, CVE-2025-61771, CVE-2025-61772, CVE-2025-61919 by updating bundled rubygem rack Resolves: RHEL-120943, RHEL-121036, RHEL-123631, RHEL-123644, RHEL-124942...

CVSS 7.5 | AI score 6.7 | EPSS 0.00868
Exploits 0

Tenable Nessus
added 2025/11/02 12:0 a.m. | 9 views

Debian dla-4357 : ruby-rack - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4357 advisory. Debian LTS Advisory DLA-4357-1...

CVSS 7.5 | AI score 6.7 | EPSS 0.00911
Exploits 0 | References 18

OPENSUSE Linux
added 2025/09/30 12:0 a.m. | 6 views

ruby3.4-rubygem-rack-2.2-2.2.18-1.1 on GA media (moderate)

ruby3.4-rubygem-rack-2.2-2.2.18-1.1 on GA media Announcement ID: openSUSE-SU-2025:15587-1 Rating: moderate Cross-References: CVE-2025-59830 CVSS scores: CVE-2025-59830 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

CVSS 7.5 | AI score 7.2 | EPSS 0.00535
Exploits 0

SUSE CVE
added 2025/09/26 11:23 p.m. | 4 views

SUSE CVE-2025-59830

Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by &, while still splitting on both & and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters...

CVSS 7.5 | AI score 6.8 | EPSS 0.00535
Exploits 0 | References 6

Circl
added 2025/09/25 4:39 p.m. | 2 views

CVE-2025-59830

creationtimestamp | type | source
---|---|---
2025-09-25 16:39:32+00:00 | seen | https://gist.github.com/Darkcrai86/de120a61a287c9e3f94f36acc5e0740b
2026-01-16 09:28:48+00:00 | seen | https://bsky.app/profile/bluesky.awakari.com/post/3mcjrvyb7ut24
2026-01-16 09:28:52+00:00 | seen | ...

CVSS 7.5 | AI score 6.9 | EPSS 0.00535
Exploits 0 | References 4