CVE-2026-33658 Rails Active Storage has a possible DoS vulnerability in proxy mode via multi-range requests

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 Active Storage's proxy controller does not limit the number of byte ranges in an HTTP Range header. A request with thousands of small ranges causes disproportionate C...

Fedora 15 : httpd-2.2.21-1.fc15 (2011-12715)

This update includes the latest stable release of the Apache HTTP Server, version 2.2.21. Two security issues have been fixed : modproxyajp when combined with modproxybalancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service...