Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2024-2325

Malicious code in bioql PyPI...

OESA-2025-1685 rubygem-rack security update

Rack provides a minimal, modular, and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

TencentOS Server 3: pcs (TSSA-2024:0388)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0388 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in rack-2.0.7.gem

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of rack-2.0.7.gem Vulnerability Details CVEID:CVE-2022-44572 DESCRIPTION: Rack is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the multipart parsing component...

Ubuntu: Security Advisory (USN-7036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Rack vulnerabilities (USN-7036-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7036-1 advisory. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sendin...

USN-6837-2: Rack vulnerabilities

It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2024-25126 It was discovered that Rack...

Ubuntu: Security Advisory (USN-6837-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Rack vulnerabilities (USN-6837-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6837-2 advisory. It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to Rack ( CVE-2024-26146 )

Summary Rack is used by IBM Cloud Pak for Data as part of the platform. CVE-2024-26146. Vulnerability Details CVEID:CVE-2024-26146 DESCRIPTION: Rack is vulnerable to a denial of service, caused by improper validation of user-supplied input by the header parsing process. By sending a specially...

CVE-2024-39316

Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.5, Regular Expression Denial of Service ReDoS vulnerability exists in the Rack::Request::Helpers module when parsing HTTP Accept headers. This vulnerability can be exploited by an attacker sending...

Ubuntu: Security Advisory (USN-6837-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6837-1: Rack vulnerabilities

It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.10. CVE-2023-27530 It was discovered that Rack incorrectly parsed certain...

Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)

The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume...

Rocky Linux 8 : pcs (RLSA-2024:2953)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2953 advisory. rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header in...

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : pcs (RHSA-2024:3431)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3431 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial ...

[SECURITY] [DSA 5698-1] ruby-rack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5698-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2024 https://www.debian.org/security/faq -...

Debian dsa-5698 : ruby-rack - security update

The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5698 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5698-1 [email protected]...