Lucene search
K

20 matches found

OpenVAS
OpenVAS
added 2025/11/13 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.35376EPSS
Exploits3References29
OpenVAS
OpenVAS
added 2024/09/27 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-7036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.4AI score0.35376EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/09/26 12:0 a.m.30 views

Ubuntu 22.04 LTS : Rack vulnerabilities (USN-7036-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7036-1 advisory. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sendin...

10CVSS8AI score0.35376EPSS
Exploits2References11
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.23 views

openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0276-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01626EPSS
Exploits0References2
Debian
Debian
added 2023/10/22 12:35 p.m.56 views

[SECURITY] [DSA 5530-1] ruby-rack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5530-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2023 https://www.debian.org/security/faq -...

10CVSS7.2AI score0.02056EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/22 12:0 a.m.35 views

Debian DSA-5530-1 : ruby-rack - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5530 advisory. Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injectio...

10CVSS7.4AI score0.02056EPSS
Exploits0References18
Hacker One
Hacker One
added 2023/06/04 7:6 a.m.38 views

Internet Bug Bounty: [CVE-2022-44570] Possible Denial of Service Vulnerability in Rack’s Range header parsing

A denial of service vulnerability was discovered in the Range header parsing component of Rack. This vulnerability could be exploited by sending carefully crafted input to the Range header, causing the parsing component to consume an unexpected amount of time and potentially leading to a denial o...

7.5CVSS7.1AI score0.01626EPSS
Exploits0
Mageia
Mageia
added 2023/03/24 5:55 a.m.126 views

Updated ruby-rack packages fix security vulnerability

A denial of service vulnerability in the Range header parsing component of Rack = 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with...

7.5CVSS6.8AI score0.0183EPSS
Exploits0References6
OSV
OSV
added 2023/03/08 7:29 a.m.7 views

SUSE-SU-2023:0649-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - CVE-2022-44570: Fixed a potential denial of service when parsing a RFC2183 multipart boundary bsc1207597. - CVE-2022-44571: Fixed a potential denial of service when parsing a Range header bsc1207599...

7.5CVSS7.4AI score0.01626EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/03/03 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-5910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01626EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/03/02 5:43 p.m.72 views

USN-5910-1: Rack vulnerabilities

It was discovered that Rack did not properly structure regular expressions in some of its parsing components, which could result in uncontrolled resource consumption if an application using Rack received specially crafted input. A remote attacker could possibly use this issue to cause a denial of...

7.5CVSS6.8AI score0.01626EPSS
Exploits0
NVD
NVD
added 2023/02/09 8:15 p.m.21 views

CVE-2022-44570

A denial of service vulnerability in the Range header parsing component of Rack = 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with...

7.5CVSS8.4AI score0.01626EPSS
Exploits0References3
CVE
CVE
added 2023/02/09 12:0 a.m.265 views

CVE-2022-44570

CVE-2022-44570 concerns a denial-of-service vulnerability in Rack’s Range header parsing for Rack versions >= 1.5.0. A carefully crafted input to the Range header can cause the parsing component to consume an unusually long amount of time, potentially enabling a DoS condition, affecting applic...

7.5CVSS7.2AI score0.01626EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/09 12:0 a.m.32 views

CVE-2022-44570

A denial of service vulnerability in the Range header parsing component of Rack = 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with...

7.5CVSS7.3AI score0.01626EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/02/07 12:0 a.m.43 views

SUSE SLES15: ruby2.5-rubygem-rack / ruby2.5-rubygem-rack-doc / etc (SUSE-SU-2023:0276-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0276-1 advisory. - CVE-2022-44570: Fixed a potential denial of service when parsing a RFC2183 multipart boundary bsc1207597. - CVE-2022-44571: Fix...

7.5CVSS6.7AI score0.01626EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.36 views

Debian dla-3298 : ruby-rack - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3298 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3298-1 [email protected]...

8.6CVSS6.7AI score0.03593EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.22 views

Debian: Security Advisory (DLA-3298-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.7AI score0.03593EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/01/19 12:0 a.m.29 views

FreeBSD : rack -- Multiple vulnerabilities (95176ba5-9796-11ed-bfbf-080027f5fec9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 95176ba5-9796-11ed-bfbf-080027f5fec9 advisory. - Aaron Patterson reports: CVE-2022-44570, CVE-2022-44571, CVE-2022-44572 Note that Nessus has...

7.5CVSS6.8AI score0.01626EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2023/01/18 6:19 p.m.29 views

Denial of service via header parsing in Rack

There is a possible denial of service vulnerability in the Range header parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44570. Versions Affected: = 1.5.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.2, 3.0.0.1 Impact Carefully crafted inp...

7.5CVSS7.4AI score0.01626EPSS
Exploits0References7Affected Software1
RubySec
RubySec
added 2023/01/18 12:0 a.m.34 views

Denial of service via header parsing in Rack

There is a possible denial of service vulnerability in the Range header parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44570. Versions Affected: = 1.5.0 Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.2, 3.0.4.1 Impact Carefully crafted inp...

7.5CVSS4.7AI score0.01626EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder