4 matches found
CVE-2026-34763 vulnerabilities
Vulnerabilities for packages: ruby4.0-rack, ruby3.4-rails, ruby3.3-rack, ruby3.2-rails, ruby3.4-rack, ruby3.2-rack, logstash, kube-fluentd-operator...
Linux Distros Unpatched Vulnerability : CVE-2026-34763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path directly into a...
CVE-2026-34763
A flaw was found in Rack. A remote attacker could exploit a vulnerability in Rack::Directory's handling of root paths. When the configured root path contains special regular expression characters, the directory listing generation can fail to properly strip the path prefix. This can lead to the...
CVE-2026-34763
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path directly into a regular expression when deriving the displayed directory path. If root contains regex metacharacters such as +, , or ., the prefix...