Lucene search
K

8 matches found

Debian
Debian
added 2021/05/18 2:42 p.m.23 views

[SECURITY] [DSA 4918-1] ruby-rack-cors security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4918-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 18, 2021 https://www.debian.org/security/faq -...

5CVSS1.5AI score0.02462EPSS
Exploits0
Debian
Debian
added 2021/05/18 2:42 p.m.24 views

[SECURITY] [DSA 4918-1] ruby-rack-cors security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4918-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 18, 2021 https://www.debian.org/security/faq -...

5.3CVSS5.5AI score0.02462EPSS
Exploits0
Debian
Debian
added 2020/10/01 12:17 p.m.38 views

[SECURITY] [DLA 2389-1] ruby-rack-cors security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2389-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 01, 2020 https://wiki.debian.org/LTS -...

5.3CVSS5.5AI score0.02462EPSS
Exploits0
Debian
Debian
added 2020/02/06 7:31 a.m.79 views

[SECURITY] [DLA 2096-1] ruby-rack-cors security update

Package : ruby-rack-cors Version : 0.2.9-1+deb8u1 CVE ID : CVE-2019-18978 This package allowed ../ directory traversal to access private resources because resource matching did not ensure that pathnames were in a canonical format. For Debian 8 "Jessie", this problem has been fixed in version...

5.3CVSS5.5AI score0.02462EPSS
Exploits0
OSV
OSV
added 2019/11/14 9:15 p.m.3 views

DEBIAN-CVE-2019-18978

An issue was discovered in the rack-cors aka Rack CORS Middleware gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

5.3CVSS6.9AI score0.02462EPSS
Exploits0References1
OSV
OSV
added 2019/11/14 9:15 p.m.14 views

CVE-2019-18978

An issue was discovered in the rack-cors aka Rack CORS Middleware gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

5.3CVSS5.1AI score
Exploits0References6
CVE
CVE
added 2019/11/14 8:21 p.m.150 views

CVE-2019-18978

CVE-2019-18978 (rack-cors) affects the Rack CORS Middleware for Ruby, prior to v1.0.4. The issue is improper canonicalization of pathnames, allowing directory traversal ("../") to access private resources. In public disclosures, Debian/Ubuntu advisories and OSS security plugins reference this vul...

5.3CVSS5.3AI score0.02462EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2019/11/14 8:21 p.m.23 views

CVE-2019-18978

An issue was discovered in the rack-cors aka Rack CORS Middleware gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

5.3CVSS5.1AI score0.02462EPSS
Exploits0
Rows per page
Query Builder