2 matches found
Security Bulletin: Multiple vulnerabilities in IBM Aspera Console
Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.10 Vulnerability Details CVEID:CVE-2026-26961 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from...
CVE-2012-6109
lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service infinite loop via a crafted Content-Disposion header...