23 matches found
Astra Linux - vulnerability in ruby-sinatra
In versions of Sinatra before 2.2.0, it does not validate that the expanded path matches public_dir when serving static files...
Ubuntu: Security Advisory (USN-7664-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
TencentOS Server 3: pcs (TSSA-2023:0189)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0189 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
ROS-20250326-04
A vulnerability in the Ruby Sinatra web application development framework is related to causing an Open Redirect attack by inserting an arbitrary address into this header. Exploiting the vulnerability allows an attacker, acting remotely, to gain access to sensitive data...
CVE-2024-21510 vulnerabilities
Vulnerabilities for packages: ruby3.3-sinatra, logstash, ruby3.2-sinatra...
Debian: Security Advisory (DLA-3877-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3877-1] ruby-sinatra security update
Debian LTS Advisory DLA-3877-1 [email protected] https://www.debian.org/lts/security/ Jochen Sprickerhof September 05, 2024 https://wiki.debian.org/LTS Package : ruby-sinatra Version : 2.0.8.1-2+deb11u1 CVE ID : CVE-2022-29970 CVE-2022-45442 Debian Bug : 1014717 1070953 Sinatra is an op...
Debian dla-3877 : ruby-rack-protection - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3877 advisory. Debian LTS Advisory DLA-3877-1 [email protected]...
DLA-3877-1 ruby-sinatra - security update
Bulletin has no description...
Mageia: Security Advisory (MGASA-2023-0029)
The remote host is missing an update for the...
MGASA-2023-0029 Updated ruby-sinatra packages fix security vulnerability
Potential reflected file download (RFD) vulnerability in ruby-sinatra, a Ruby library for writing HTTP applications. A Content-Disposition HTTP header was being incorrectly derived from a potentially user-supplied filename. CVE-2022-45442...
Updated ruby-sinatra packages fix security vulnerability
Potential reflected file download (RFD) vulnerability in ruby-sinatra, a Ruby library for writing HTTP applications. A Content-Disposition HTTP header was being incorrectly derived from a potentially user-supplied filename. CVE-2022-45442...
Debian: Security Advisory (DLA-3264-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3264-1] ruby-sinatra security update
Debian LTS Advisory DLA-3264-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 10, 2023 https://wiki.debian.org/LTS...
DLA-3264-1 ruby-sinatra - security update
Bulletin has no description...
Debian dla-3264 : ruby-rack-protection - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3264 advisory. Debian LTS Advisory DLA-3264-1 [email protected] https://www.debian.org/lts/security/...
UBUNTU-CVE-2022-45442
Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is...
Debian: Security Advisory (DLA-3166-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3166-1] ruby-sinatra security update
Debian LTS Advisory DLA-3166-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 28, 2022 https://wiki.debian.org/LTS...
Debian dla-3166 : ruby-rack-protection - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3166 advisory. Debian LTS Advisory DLA-3166-1 [email protected] https://www.debian.org/lts/security/...