6 matches found
The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to trigger a service failure.
The vulnerability of the modular interface of the Ruby-based Rack web server is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the modular interface of the Ruby-based Rack web server allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Ruby-based Rack web server’s modular interface is related to partial comparison. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2026-34786
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...
CVE-2026-34785
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with...
The vulnerability in the Rack::Request#POST class of the modular interface between web servers and Rack web applications allows a attacker to cause a service failure.
The vulnerability in the Rack::RequestPOST class of the modular interface between web servers and Rack web applications involves an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the modular interface between web servers and web applications in Rack, related to improper input validation, allows attackers to execute DoS attacks.
The vulnerability of the modular interface between web servers and web applications in Rack is related to insufficient validation of data entered by users during the analysis of complex POST requests. Exploiting this vulnerability allows a malicious actor to execute a DoS attack using a specially...