8 matches found
USN-8182-1: Rack vulnerabilities
Andrew Lacambra discovered that Rack did not properly parse certain regular expressions. An attacker could possibly use this issue to bypass network security filters. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. CVE-2026-26961 William T. Nelson...
RHEL 9 : pcs (RHSA-2025:20962)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20962 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack...
Important: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
pcs security update
An update is available for pcs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker an...
RHEL 8 : pcs (RHSA-2025:19734)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19734 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack...
rubygem-rack: Possible DoS Vulnerability with Range Header in Rack
A denial of service DoS vulnerability was found in rubygem-rack in how it parses Range Header. Carefully crafted range headers can cause a server to respond with an unexpectedly large response. Responding with large responses could lead to a denial of service issue...
Medium: pcs
Issue Overview: A Denial of Service DoS vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted content type headers can cause Rack's media type parser to take much longer than expected, leading to a possible denial of service vulnerability. CVE-2024-25126 A Denia...
rubygem-activerecord -- multiple vulnerabilities
rubygem-activerecord -- multiple vulernabilities Due to the way Active Record interprets parameters in combination with the way that Rack parses query parameters, it is possible for an attacker to issue unexpected database queries with "IS NULL" where clauses. This issue does not let an attacker...