Lucene search
K

6 matches found

CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

Rack 安全漏洞

Rack is a modular Ruby web server interface developed by Rack authors. Vulnerabilities exist in versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6. These vulnerabilities stem from Rack::Utils.selectbestencoding, which has a quadratic time complexity when processing Accept-Encoding headers...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

Rack 安全漏洞

Rack is a modular Ruby web server interface developed by Rack authors. Vulnerabilities exist in versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6. These vulnerabilities stem from Rack::Staticapplicablerules’ evaluation of header rules for PATHINFO when the original URL is encoded. The underlyin...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.3 views

Rack 资源管理错误漏洞

Rack is a modular Ruby web server interface open-sourced by Rack. A resource management error vulnerability exists in Rack versions prior to 2.2.19, prior to 3.1.17, and prior to 3.2.2, which stems from Rack::Multipart::Parser storing non-document form fields entirely in memory, potentially leadi...

7.5CVSS6.6AI score0.00528EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.3 views

Rack Security Vulnerabilities

Rack is the modular Ruby web server interface. A security vulnerability in Rack versions prior to 2.0.9.4, prior to 2.1.4.4, prior to 2.2.8.1, and prior to 3.0.9.1 stems from a carefully crafted header that could cause Rack's media type parser to take longer than expected, resulting in a denial o...

7.5CVSS6.7AI score0.01996EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.4 views

Rack Resource Management Error Vulnerability

Rack is a modular Ruby web server interface. A resource management error vulnerability exists in Rack versions prior to 3.0.9.1, 2.2.8.1, and 2.2.8.1, which stems from a crafted Range header that may cause the server to respond abnormally, resulting in a denial of service...

7.5CVSS6.6AI score0.01612EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.4 views

SUSE CVE-2020-8161

A directory traversal vulnerability exists in rack 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure...

5.9CVSS6.7AI score0.03593EPSS
Exploits0References5
Rows per page
Query Builder