Lucene search
+L

15 matches found

openvas
openvas
added 2025/11/25 12:0 a.m.2 views

Mageia: Security Advisory (MGASA-2025-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References4
openvas
openvas
added 2025/11/13 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-eae2126736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.35376EPSS
Exploits3References29
openvas
openvas
added 2025/07/24 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7366-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References2
redhat
redhat
added 2025/04/02 8:5 p.m.20 views

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.19

Logging for Red Hat OpenShift - 5.8.19 Logging for Red Hat OpenShift - 5.8.19 logging-fluentd-container: Local File Inclusion in Rack::StaticCVE-2025-27610...

7.5CVSS7.1AI score0.01068EPSS
Exploits0References1
openvas
openvas
added 2025/03/26 12:0 a.m.7 views

Debian: Security Advisory (DSA-5886-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References2
nessus
nessus
added 2025/03/25 12:0 a.m.14 views

Debian dsa-5886 : ruby-rack - security update

The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5886 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5886-1 [email protected] https://www.debian.org/securit...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References8
openvas
openvas
added 2025/03/25 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-7366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References2
openvas
openvas
added 2025/03/17 12:0 a.m.13 views

openSUSE Security Advisory (SUSE-SU-2025:0874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01142EPSS
Exploits1References6
openvas
openvas
added 2025/03/17 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2025:0858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01142EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/03/11 5:40 a.m.13 views

CVE-2025-27610

A flaw was found in RackRubygems, where Rack::Static does not properly sanitize user-supplied paths before serving files. Specifically, encoded path traversal sequences are not correctly validated, allowing attackers to access files outside the designated static file directory. This flaw allows a...

7.5CVSS7.3AI score0.01068EPSS
Exploits0References5
nvd
nvd
added 2025/03/10 11:15 p.m.10 views

CVE-2025-27610

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified root: even if urls: are provided, which may expose other files under the specified root: unexpectedly. The vulnerability occurs becaus...

7.5CVSS0.01068EPSS
Exploits0References3
cgr
cgr
added 2025/03/10 11:15 p.m.20 views

CVE-2025-27610 vulnerabilities

Vulnerabilities for packages: ruby3.2-rack, ruby3.4-rack, ruby3.3-rack, ruby4.0-rack, ruby3.4-rails, ruby3.2-rails, kube-fluentd-operator, ruby3.3-rails, logstash...

7.5CVSS6.8AI score0.01068EPSS
Exploits0
ubuntucve
ubuntucve
added 2025/03/10 11:15 p.m.9 views

CVE-2025-27610

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified root: even if urls: are provided, which may expose other files under the specified root: unexpectedly. The vulnerability occurs becaus...

7.5CVSS7AI score0.01068EPSS
Exploits0References4
cvelist
cvelist
added 2025/03/10 10:19 p.m.40 views

CVE-2025-27610 Local File Inclusion in Rack::Static

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified root: even if urls: are provided, which may expose other files under the specified root: unexpectedly. The vulnerability occurs becaus...

7.5CVSS0.01068EPSS
Exploits0References2
osv
osv
added 2025/03/10 10:19 p.m.14 views

CVE-2025-27610 Local File Inclusion in Rack::Static

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified root: even if urls: are provided, which may expose other files under the specified root: unexpectedly. The vulnerability occurs becaus...

7.5CVSS7.2AI score0.01068EPSS
Exploits0References5
Rows per page
Query Builder