Rack 安全漏洞

Rack is a modular Ruby web server interface developed by Rack authors. Vulnerabilities exist in versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6. These vulnerabilities stem from Rack::Utils.getbyteranges, which does not limit the number of individual byte ranges when parsing HTTP Range headers...

SUSE-SU-2026:0703-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. - CVE-2025-4476: null pointer dereference may lead to denial of service bsc1243422. - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. -...

AZL-77889 CVE-2026-2443 affecting package libsoup 3.4.4-12

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...

CVE-2026-2443

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...

Linux Distros Unpatched Vulnerability : CVE-2026-2443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may...

CakePHP 2.6.13, 2.7.11, 2.8.2, 3.0.17, 3.1.12, and 3.2.5 Released

CakePHP 2.6.13, 2.7.11, 2.8.2, 3.0.17, 3.1.12, and 3.2.5 Released The CakePHP core team is happy to announce the immediate availability of CakePHP 2.6.13, 2.7.11, 2.8.2, 3.0.17, 3.1.12, and 3.2.5. These releases contain security fixes. 3.2.5 and 2.8.2 also contain bugfixes. Security Fixes These...

Amazon Linux: Security Advisory (ALAS-2014-411)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : squid (ALAS-2014-433)

A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to...

Important: squid

Issue Overview: A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send...

Scientific Linux Security Update : squid on SL5.x, SL6.x i386/x86_64 (20140903)

A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to...

RHEL 5 / 6 : squid (RHSA-2014:1148)

An updated squid package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

squid security update

CentOS Errata and Security Advisory CESA-2014:1147 Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

Important: Red Hat Security Advisory: squid security update

Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...