Lucene search
K

6 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.4 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to trigger a service failure.

The vulnerability of the modular interface of the Ruby-based Rack web server is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.0043EPSS
Exploits0References8Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.2 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to partial comparison. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.9AI score0.00387EPSS
Exploits0References7Affected Software4
UbuntuCve
UbuntuCve
added 2026/04/02 5:16 p.m.5 views

CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS5.9AI score0.00195EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/02 4:44 p.m.2 views

CVE-2026-34785

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with...

7.5CVSS5.2AI score0.00387EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/11/07 12:0 a.m.4 views

The vulnerability in the Rack::Request#POST class of the modular interface between web servers and Rack web applications allows a attacker to cause a service failure.

The vulnerability in the Rack::RequestPOST class of the modular interface between web servers and Rack web applications involves an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS6.6AI score0.00605EPSS
Exploits0References15Affected Software11
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.10 views

The vulnerability of the modular interface between web servers and web applications in Rack, related to improper input validation, allows attackers to execute DoS attacks.

The vulnerability of the modular interface between web servers and web applications in Rack is related to insufficient validation of data entered by users during the analysis of complex POST requests. Exploiting this vulnerability allows a malicious actor to execute a DoS attack using a specially...

7.8CVSS6.7AI score0.02056EPSS
Exploits0References10Affected Software9
Rows per page
Query Builder