47 matches found

RedHat Linux
added 2022/10/27 1:4 p.m. | 2 views

rubygem-rack: crafted multipart POST request may cause a DoS

A denial of service flaw was found in ruby-rack. An attacker crafting multipart POST requests can cause Rack's multipart parser to take much longer than expected, leading to a denial of service...

CVSS 7.5 | AI score 6.7 | EPSS 0.01042
Exploits: 0 | References: 5
OSV
added 2019/08/07 4:44 p.m. | 1 views

USN-4089-1 ruby-rack vulnerability

It was discovered that Rack incorrectly handled carefully crafted requests. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack...

CVSS 6.1 | AI score 6.7 | EPSS 0.00829
Exploits: 0 | References: 2
OSV
added 2018/11/15 10:4 p.m. | 6 views

MGASA-2018-0449 Updated ruby-rack packages fix security vulnerability

There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data returned by the scheme method on Rack::Request. Applications that expect the scheme to be limited to "http" or "https" and do not escape the return value could be vulnerable to an XSS attack CVE-2018-1647...

CVSS 6.1 | AI score 5.9 | EPSS 0.00829
Exploits: 0 | References: 3
OSV
added 2015/09/08 5:55 p.m. | 7 views

MGASA-2015-0346 Updated ruby-rack packages fix CVE-2015-3225

Updated ruby-rack packages fix security vulnerability: lib/rack/utils.rb in Rack before 1.5.4 allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth (CVE-2015-3225)...

CVSS 5 | AI score 6.3 | EPSS 0.13251
Exploits: 0 | References: 3
Tenable Nessus
added 2014/06/13 12:0 a.m. | 36 views

openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)

The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12. The Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5. The updates fix various security issues and bugs. ...

CVSS 10 | AI score 6.4 | EPSS 0.16071
Exploits: 2 | References: 13
Tenable Nessus
added 2014/05/19 12:0 a.m. | 31 views

GLSA-201405-10 : Rack: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-10 (Rack: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could possibly execute arbitrary code with...

CVSS 5.1 | AI score 7.2 | EPSS 0.16071
Exploits: 0 | References: 6
Tenable Nessus
added 2013/02/18 12:0 a.m. | 36 views

FreeBSD : Ruby Rack Gem -- Multiple Issues (fcfdabb7-f14d-4e61-a7d5-cfefb4b99b15)

Rack developers report: Today we are proud to announce the release of Rack 1.4.5. Fix CVE-2013-0263, timing attack against Rack::Session::Cookie. Fix CVE-2013-0262, symlink path traversal in Rack::File...

CVSS 5.1 | AI score 6.4 | EPSS 0.16071
Exploits: 0 | References: 3