Lucene search
K

4 matches found

OSV
OSV
added 2024/12/20 9:50 a.m.9 views

BIT-RAILS-2024-26142 Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS6.4AI score0.01498EPSS
Exploits0References6
OSV
OSV
added 2024/10/16 8:15 p.m.2 views

UBUNTU-CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS6.4AI score0.01048EPSS
Exploits0References8
OSV
OSV
added 2024/02/29 12:15 a.m.4 views

DEBIAN-CVE-2024-26146

Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ru...

7.5CVSS6AI score0.01996EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/02/24 3:16 a.m.3 views

SUSE CVE-2024-26146

Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ru...

5.3CVSS6.8AI score0.01996EPSS
Exploits0References9
Rows per page
Query Builder