5 matches found
MiracleLinux 8 : pcs-0.10.18-2.el8_10.ML.1 (AXSA:2024-8447:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8447:02 advisory. rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header...
MiracleLinux 9 : pcs-0.11.7-2.el9_4.ML.1 (AXSA:2024-8111:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8111:01 advisory. rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header...
rubygem-rack: Possible DoS Vulnerability with Range Header in Rack
A denial of service DoS vulnerability was found in rubygem-rack in how it parses Range Header. Carefully crafted range headers can cause a server to respond with an unexpectedly large response. Responding with large responses could lead to a denial of service issue...
DEBIAN-CVE-2024-26141
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the...
PT-2023-8901
Name of the Vulnerable Software and Affected Versions Rack versions 1.5.0 through 2.0.9.1 Rack versions 2.1.0 through 2.1.4.1 Rack versions 2.2.0 through 2.2.6.1 Rack versions 3.0.0 through 3.0.0.0 Description A denial of service vulnerability in the Range header parsing component of Rack can cau...