63 matches found
Astra Linux - vulnerability in ruby-sinatra
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there was a denial-of-service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method was used when constructing the response. Carefully crafted...
Regular Expression Denial Of Service (ReDoS)
sinatra is vulnerable to Denial-Of-Service. The vulnerability is due to inefficient header parsing when the etag method is used, allowing attackers to send crafted headers that consume excessive CPU time and cause denial of service...
CVE-2025-61921
A flaw was found in Sinatra. A Regular Expression Denial of Service (ReDoS) vulnerability can be triggered when parsing the If-Match and If-None-Match HTTP headers. A remote attacker can exploit this issue by sending a specially crafted header to an application endpoint that uses the etag method,...
Linux Distros Unpatched Vulnerability : CVE-2025-61921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the...
SUSE CVE-2025-61921
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
Sinatra is vulnerable to ReDoS through ETag header value generation
Summary: There is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response and you are using Ruby = 3.2...
GHSA-MR3Q-G2MV-MR4Q Sinatra is vulnerable to ReDoS through ETag header value generation
Summary: There is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response and you are using Ruby = 3.2...
DEBIAN-CVE-2025-61921
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2025-61921
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
UBUNTU-CVE-2025-61921
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2025-61921
CVE-2025-61921 affects Sinatra up to version 4.1.x (pre-4.2.0), where parsing of If-Match and If-None-Match headers during response construction with etag can consume excessive time, enabling a possible DoS. The issue is tied to the header parsing component and impacts applications using the etag...
CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
EUVD-2025-33767
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2025-61921
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
PT-2025-41597
Name of the Vulnerable Software and Affected Versions: Sinatra versions prior to 4.2.0. Description: Sinatra, a domain-specific language for creating web applications in Ruby, contains an issue where carefully crafted input can cause excessive processing time during the parsing of If-Match and...
Sinatra is vulnerable to ReDoS through ETag header value generation
Summary: There is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response and you are using Ruby = 3.2...
EUVD-2003-1408
Malware in sbrugna...
EUVD-2003-0101
Malware in sbrugna...