Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.3 views

MiracleLinux 9 : pcs-0.11.10-1.el9_7.1.ML.1 (AXSA:2026-257:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-257:03 advisory. rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon- separated parameters CVE-2025-59830 rack: Rack's...

7.5CVSS5.9AI score0.00868EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.7.ML.1 (AXSA:2025-11087:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11087:08 advisory. rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon- separated parameters CVE-2025-59830 rack: Rack's...

7.5CVSS7.3AI score0.00868EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : rubygem-rack (SUSE-SU-2025:4273-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4273-1 advisory. - Update to version 2.2.20 bsc1251936 - CVE-2025-61919: Fixed application/x-www-form-urlencoded, calling rack.input.readnil witho...

7.5CVSS7AI score0.00605EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.3 views

Oracle Linux 9 : pcs (ELSA-2025-20962)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20962 advisory. - Fixed CVE-2025-59830, CVE-2025-61770, CVE-2025-61771, CVE-2025-61772, CVE-2025-61919 by updating bundled rubygem rack Resolves: RHEL-120945,...

7.5CVSS7.2AI score0.00868EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/11/27 8:12 a.m.8 views

Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: Update to version 2.2.20 bsc1251936 CVE-2025-61919: Fixed application/x-www-form-urlencoded, callingrack.input.readnil without enforcing a length or cap bsc1251936 CVE-2025-61780: Fixed improper handling of headers in Rack::Sendfile allows...

8.7CVSS7AI score0.00605EPSS
Exploits0References8
OSV
OSV
added 2025/11/27 8:12 a.m.3 views

SUSE-SU-2025:4273-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - Update to version 2.2.20 bsc1251936 - CVE-2025-61919: Fixed application/x-www-form-urlencoded, calling rack.input.readnil without enforcing a length or cap bsc1251936 - CVE-2025-61780: Fixed improper handling of headers in Rack::Sendfile...

7.5CVSS6.8AI score0.00605EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

RHEL 7 : pcs (RHSA-2025:21696)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21696 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rack: Rack's unbound...

7.5CVSS7.3AI score0.00868EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2025/11/13 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.35376EPSS
Exploits3References29
AlmaLinux
AlmaLinux
added 2025/11/11 12:0 a.m.6 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon-separated parameters CVE-2025-59830 rack: Rack's unbounded multipart preamble...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References12
OSV
OSV
added 2025/11/06 9:6 a.m.8 views

RLSA-2025:19512 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon-separated parameters CVE-2025-59830 rack: Rack's unbounded multipart preamble...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/05 11:49 p.m.11 views

Important: Red Hat Security Advisory: Satellite 6.17.6 Async Update

A new release is now available for Red Hat Satellite 6.17 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8CVSS6.8AI score0.00605EPSS
Exploits0References12
Oracle linux
Oracle linux
added 2025/11/03 12:0 a.m.8 views

pcs security update

0.11.9-2.el96.2 - Fixed CVE-2025-59830, CVE-2025-61770, CVE-2025-61771, CVE-2025-61772, CVE-2025-61919 by updating bundled rubygem rack Resolves: RHEL-120943, RHEL-121036, RHEL-123631, RHEL-123644, RHEL-124942...

7.5CVSS6.7AI score0.00868EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/02 12:0 a.m.10 views

Debian dla-4357 : ruby-rack - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4357 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4357-1 [email protected]...

7.5CVSS6.7AI score0.00911EPSS
Exploits0References18
Chainguard
Chainguard
added 2025/10/15 2:11 p.m.17 views

CVE-2025-61919 vulnerabilities

Vulnerabilities for packages: ruby3.3-rack, kube-fluentd-operator, gitlab-rails-ce, ruby3.3-rails, ruby3.4-rails, ruby3.2-rails, logstash, ruby4.0-rack, ruby3.4-rack, ruby3.2-rack...

7.5CVSS6.7AI score0.00605EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-61919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, Rack::RequestPOST reads the entire request body into memory for...

7.5CVSS6.7AI score0.00605EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/13 3:7 p.m.3 views

CVE-2025-61919

A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::RequestPOST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing...

7.5CVSS6.7AI score0.00605EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/10/10 8:15 p.m.4 views

CVE-2025-61919

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, Rack::RequestPOST reads the entire request body into memory for Content-Type: application/x-www-form-urlencoded, calling rack.input.readnil without enforcing a length or cap. Large request bodies can therefo...

7.5CVSS6.7AI score0.00605EPSS
Exploits0References9
Rows per page
Query Builder