Lucene search
K

26 matches found

f5
f5
added 2026/01/16 5:3 p.m.11 views

K000159600: Rack vulnerability CVE-2022-30123

Security Advisory Description A sequence injection vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack. CVE-2022-30123 Impact There is no impact; F5 products are not affected by this vulnerability...

10CVSS7.3AI score0.01801EPSS
Exploits0
openvas
openvas
added 2024/09/27 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-7036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.4AI score0.35376EPSS
Exploits2References3
nessus
nessus
added 2024/09/26 12:0 a.m.30 views

Ubuntu 22.04 LTS : Rack vulnerabilities (USN-7036-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7036-1 advisory. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sendin...

10CVSS8AI score0.35376EPSS
Exploits2References11
nessus
nessus
added 2023/10/30 12:0 a.m.37 views

GLSA-202310-18 : Rack: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-18 Rack: Multiple Vulnerabilities - A possible denial of service vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 in the multipart parsing component of Rack. CVE-2022-30122 - A sequence injection vulnerability exis...

10CVSS7.5AI score0.02056EPSS
Exploits0References4
debian
debian
added 2023/10/22 12:35 p.m.94 views

[SECURITY] [DSA 5530-1] ruby-rack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5530-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2023 https://www.debian.org/security/faq -...

10CVSS7.2AI score0.02056EPSS
Exploits0
nessus
nessus
added 2023/10/22 12:0 a.m.35 views

Debian DSA-5530-1 : ruby-rack - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5530 advisory. Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injectio...

10CVSS7.4AI score0.02056EPSS
Exploits0References18
nessus
nessus
added 2023/10/16 12:0 a.m.44 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Rack vulnerabilities (USN-5253-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5253-1 advisory. It was discovered that Rack insecurely handled session ids. An unauthenticated remote attacker could possibly use this issue to...

10CVSS7.7AI score0.03687EPSS
Exploits1References5
nessus
nessus
added 2023/02/28 12:0 a.m.119 views

Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : Rack vulnerabilities (USN-5896-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5896-1 advisory. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system...

10CVSS8.1AI score0.02056EPSS
Exploits0References3
ubuntu
ubuntu
added 2023/02/27 6:25 p.m.99 views

USN-5896-1: Rack vulnerabilities

It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of...

10CVSS8.2AI score0.02056EPSS
Exploits0
redhat
redhat
added 2023/02/15 11:8 a.m.48 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

An update is now available for the Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

10CVSS6.8AI score0.05623EPSS
Exploits0References3
openvas
openvas
added 2023/01/27 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-5253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.1AI score0.03687EPSS
Exploits1References2
ubuntu
ubuntu
added 2022/12/13 11:33 a.m.117 views

USN-5253-1: Rack vulnerabilities

It was discovered that Rack insecurely handled session ids. An unauthenticated remote attacker could possibly use this issue to perform a timing attack and hijack sessions. CVE-2019-16782 It was discovered that Rack was incorrectly handling cookies during parsing, not validating them or performin...

10CVSS7.7AI score0.03687EPSS
Exploits1
nessus
nessus
added 2022/12/07 12:0 a.m.45 views

Amazon Linux 2 : pcs (ALAS-2022-1895)

The version of pcs installed on the remote host is prior to 0.9.169-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1895 advisory. A denial of service flaw was found in ruby-rack. An attacker crafting multipart POST requests can cause Rack's multipart...

10CVSS7.8AI score0.02056EPSS
Exploits0References5
cve
cve
added 2022/12/05 12:0 a.m.409 views

CVE-2022-30123

Rack contains a sequence injection vulnerability (CVE-2022-30123) affecting Rack <2.0.9.1, <2.1.4.1, and

10CVSS9.3AI score0.01801EPSS
Exploits0References4Affected Software1
debiancve
debiancve
added 2022/12/05 12:0 a.m.38 views

CVE-2022-30123

A sequence injection vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack...

10CVSS6.7AI score0.01801EPSS
Exploits0
osv
osv
added 2022/12/05 12:0 a.m.38 views

CVE-2022-30123

A sequence injection vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack...

10CVSS9.5AI score0.01801EPSS
Exploits0References6
nessus
nessus
added 2022/11/10 12:0 a.m.41 views

Scientific Linux Security Update : pcs on SL7.x x86_64 (2022:7343)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:7343-1 advisory. - rubygem-rack: crafted requests can cause shell escape sequences CVE-2022-30123 - jquery: Prototype pollution in object's prototype leading to...

10CVSS7.3AI score0.87218EPSS
Exploits4References3
nessus
nessus
added 2022/11/03 12:0 a.m.35 views

Oracle Linux 7 : pcs (ELSA-2022-7343)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7343 advisory. 0.9.169-3.0.1 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.169-3.el73.2 - Update rubygem rack - Upgrade jquery i...

10CVSS7AI score0.87218EPSS
Exploits4References3
openvas
openvas
added 2022/09/04 12:0 a.m.28 views

Debian: Security Advisory (DLA-3095-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.02056EPSS
Exploits0References4
openvas
openvas
added 2022/07/06 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2022-0252)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.02056EPSS
Exploits0References6
Rows per page
Query Builder