5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-35231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the unconstrained value of the incoming profiler_runs parameter. An attacker can cause the server to allocate excessive resources, leading to a denial of service by sending...
UBUNTU-CVE-2024-35231
rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not constrained to any limitation. This would lead to...
PT-2024-26396 · Unknown · Rack-Contrib
Name of the Vulnerable Software and Affected Versions: rack-contrib versions prior to 2.5.0. Description: The issue is related to a denial of service vulnerability due to the lack of constraints on user-controlled data profiler runs. This allows for the allocation of resources on the server side...
SUSE CVE-2024-1556
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 123...