OPENSUSE-SU-2026:10508-1 ruby4.0-rubygem-rack-2.2-2.2.23-1.1 on GA media

These are all security issues fixed in the ruby4.0-rubygem-rack-2.2-2.2.23-1.1 package on the GA media of openSUSE Tumbleweed...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005328 advisory. Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its paramslimit only for parameters separated by &, while still...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

OESA-2025-1684 rubygem-rack security update

Rack provides a minimal, modular, and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

TencentOS Server 4: rubygem-rack (TSSA-2025:0364)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0364 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

[SECURITY] [DSA 5886-1] ruby-rack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5886-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 25, 2025 https://www.debian.org/security/faq -...

SUSE-SU-2023:0649-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - CVE-2022-44570: Fixed a potential denial of service when parsing a RFC2183 multipart boundary bsc1207597. - CVE-2022-44571: Fixed a potential denial of service when parsing a Range header bsc1207599...

MGASA-2020-0306 Updated ruby-rack packages fix security vulnerability

A reliance on cookies without validation/integrity check security vulnerability exists in rack 2.2.3 that makes it is possible for an attacker to forge a secure or host-only cookie prefix CVE-2020-8184...

PT-2020-5644

Name of the Vulnerable Software and Affected Versions rack versions prior to 2.2.3 rack versions prior to 2.1.4 Description A security issue exists due to a reliance on cookies without proper validation or integrity checks, making it possible for an attacker to forge a secure or host-only cookie...

MGASA-2020-0252 Updated ruby-rack packages fix security vulnerability

Updated ruby-rack packages fix security vulnerabilities: There's a possible information leak / session hijack vulnerability in RackRubyGem rack. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a...

[SECURITY] [DLA 1585-1] ruby-rack security update

Package : ruby-rack Version : 1.5.2-3+deb8u2 CVE ID : CVE-2018-16471 Debian Bug : 913005 It was discovered that there was an XSS vulnerability in the ruby-rack web-server library. A malicious request could impact the HTTP/HTTPS scheme being returned to the underlying application. For Debian 8...