EUVD-2019-0758
Malware in sbrugna...
EUVD-2018-0207
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-18978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the rack-cors aka Rack CORS Middleware gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources becau...
Insecure File Permissions
rack-cors is vulnerable to Insecure File Permissions. The vulnerability is due to the distribution of files with world-writable permissions. This can potentially lead to unauthorized disclosure or modification...
CVE-2024-27456
An insecure file permission flaw was found in rack-cors. The permissions for .rb files distributed with rack-cors ruby gem are set to 0666 by default, which may allow users with low privileges to edit files. This issue impacts integrity, confidentiality, and availability...
GHSA-785G-282Q-PWVX Rack CORS Middleware has Insecure File Permissions
rack-cors aka Rack CORS Middleware 2.0.1 has 0666 permissions for the .rb files...
Rack CORS Middleware has Insecure File Permissions
rack-cors aka Rack CORS Middleware 2.0.1 has 0666 permissions for the .rb files...
CVE-2024-27456
rack-cors aka Rack CORS Middleware 2.0.1 has 0666 permissions for the .rb files...
Rack Security Vulnerabilities
Rack is a modular Ruby web server interface. A security vulnerability exists in rack-cors version 2.0.1 that stems from the presence of insecure file permissions...
CVE-2024-27456
CVE-2024-27456 concerns rack-cors 2.0.1 with insecure file permissions: .rb files shipped as 0666, potentially impacting integrity, confidentiality, and availability. Root cause: default permissive file permissions. Public exposure documented by Red Hat and other sources; exploitation details are...
PT-2024-1854 · Rack-Cors · Rack-Cors
Name of the Vulnerable Software and Affected Versions: rack-cors aka Rack CORS Middleware version 2.0.1 Description: The issue is related to incorrectly used standard permissions in the Rack CORS Middleware, which may allow an attacker to impact the integrity, confidentiality, and availability of...
Debian DSA-4918-1 : ruby-rack-cors - security update
Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...
Debian: Security Advisory (DSA-4918-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 4918-1] ruby-rack-cors security update
Debian Security Advisory DSA-4918-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 18, 2021 https://www.debian.org/security/faq ...