Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.39 views

openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)

The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12. The Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5. The updates fix various security issues and bugs. ...

10CVSS6.4AI score0.07497EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2014/05/19 12:0 a.m.31 views

GLSA-201405-10 : Rack: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-10 Rack: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with...

5.1CVSS7.2AI score0.05281EPSS
Exploits0References6
OSV
OSV
added 2013/03/01 5:40 a.m.10 views

CVE-2012-6109

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service infinite loop via a crafted Content-Disposion header...

6.2AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2013/03/01 5:40 a.m.25 views

CVE-2012-6109

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service infinite loop via a crafted Content-Disposion header...

4.3CVSS7.1AI score0.02717EPSS
Exploits0References1
CVE
CVE
added 2013/03/01 2:0 a.m.94 views

CVE-2012-6109

Rack vulnerability CVE-2012-6109: DoS via crafted Content-Disposition header due to an incorrect regular expression in Rack’s multipart header parser. Affected: Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2. Impact: potential infinite loop/DoS. Mitigation: upgr...

4.3CVSS6.3AI score0.02717EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.30 views

Fedora Update for rubygem-rack FEDORA-2013-0837

Check for the Version of rubygem-rack OpenVAS Vulnerability Test Fedora Update for rubygem-rack FEDORA-2013-0837 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

5CVSS0.03778EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/28 12:0 a.m.37 views

Fedora 17 : rubygem-rack-1.4.0-3.fc17 (2013-0861)

Fixes for CVE-2011-6109, CVE-2013-0183 and CVE-2013-0184. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5CVSS7.2AI score0.03778EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.23 views

Fedora Update for rubygem-rack FEDORA-2013-0861

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.4AI score0.03778EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/28 12:0 a.m.25 views

Fedora Update for rubygem-rack FEDORA-2013-0896

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.4AI score0.04016EPSS
Exploits1References2
RubySec
RubySec
added 2012/05/04 12:0 a.m.23 views

CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service infinite loop via a crafted Content-Disposion header...

4.3CVSS5.6AI score0.02717EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder