Lucene search

13 matches found

OSV
added 2026/01/13 12:43 p.m., 2 views

SUSE-SU-2026:20093-1 Security update for hawk2

This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds deterministic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...

7.5 CVSS | 6.8 AI score | 0.00591 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-1229

Malicious code in bioql PyPI...

7.4 CVSS | 5.8 AI score | 0.02207 EPSS
Exploits 0 | References 15

RedhatCVE
added 2025/05/23 8:4 a.m., 4 views

CVE-2024-51743

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

8.8 CVSS | 8.9 AI score | 0.00723 EPSS
Exploits 0 | References 1

OSV
added 2024/07/05 11:8 a.m., 4 views

OESA-2024-1810 rubygem-actionpack security update

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: Action Pack is a framework for handling and responding to web requests. Und...

7.4 CVSS | 6.6 AI score | 0.02207 EPSS
Exploits 0 | References 2

OSV
added 2024/06/28 11:8 a.m., 2 views

OESA-2024-1777 rubygem-actionpack security update

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: Action Pack is a framework for handling and responding to web requests. Und...

7.4 CVSS | 6.6 AI score | 0.02207 EPSS
Exploits 0 | References 2

OSV
added 2024/06/28 11:8 a.m., 4 views

OESA-2024-1764 rubygem-activesupport security update

A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: Action Pack is a framework for handling and responding to web requests. Under certain circumstances respon...

7.4 CVSS | 6.7 AI score | 0.02207 EPSS
Exploits 0 | References 2

SUSE CVE
added 2023/02/15 3:28 a.m., 5 views

SUSE CVE-2022-23633

Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...

5.9 CVSS | 5.6 AI score | 0.02207 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2022/02/11 9:15 p.m., 9 views

CVE-2022-23633

Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...

7.4 CVSS | 6.3 AI score | 0.02207 EPSS
Exploits 0 | References 7 | Affected Software 1

OSV
added 2022/02/11 9:15 p.m., 4 views

DEBIAN-CVE-2022-23633

Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...

5.9 CVSS | 5.8 AI score | 0.02207 EPSS
Exploits 0 | References 1

OSV
added 2022/02/11 9:15 p.m., 4 views

UBUNTU-CVE-2022-23633

Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...

7.4 CVSS | 6.3 AI score | 0.02207 EPSS
Exploits 0 | References 5

Github Security Blog
added 2022/02/11 8:49 p.m., 34 views

Exposure of information in Action Pack

Impact: Under certain circumstances response bodies will not be closed, for example a bug in a webserver or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to data...

7.4 CVSS | 0.9 AI score | 0.02207 EPSS
Exploits 0 | References 12 | Affected Software 1

OSV
added 2022/02/11 8:49 p.m., 29 views

GHSA-WH98-P28R-VRC9 Exposure of information in Action Pack

Impact: Under certain circumstances response bodies will not be closed, for example a bug in a webserver or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to data...

7.4 CVSS | 6.4 AI score | 0.02207 EPSS
Exploits 0 | References 12

Snyk
added 2020/05/19 7:38 a.m., 2 views

Cross-site Request Forgery (CSRF)

Overview: Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) given a global CSRF token such as the one present in the authenticity_token meta tag. Remediation: Upgrade actionpack to version 5.2.4.3, 6.0.3.1 or higher. References - GitHub Commit - Google Group Forum -...

6.5 CVSS | 7.6 AI score | 0.01673 EPSS
Exploits 1 | References 2