182 matches found
Debian: Security Advisory (DLA-1585-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
MGASA-2018-0449 Updated ruby-rack packages fix security vulnerability
There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data returned by the scheme method on Rack::Request. Applications that expect the scheme to be limited to "http" or "https" and do not escape the return value could be vulnerable to an XSS attack CVE-2018-1647...
Debian DSA-4247-1 : ruby-rack-protection - security update
A timing attack was discovered in the function for CSRF token validation of the 'Ruby rack protection' framework. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4247. The text itself is copyright (C) Software ...
Debian: Security Advisory (DSA-4247-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian DSA-3931-1 : ruby-rack-cors - security update
Jens Mueller discovered that an incorrect regular expression in rack-cors may lead to insufficient restriction of CORS requests. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3931. The...
DSA-3931-1 ruby-rack-cors - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3931-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Mageia: Security Advisory (MGASA-2015-0346)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Gentoo Security Advisory GLSA 201405-10
Gentoo Linux Local Security Checks GLSA 201405-10 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later if(description)...
Updated ruby-rack packages fix CVE-2015-3225
Updated ruby-rack packages fix security vulnerability: lib/rack/utils.rb in Rack before 1.5.4 allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth (CVE-2015-3225)...
MGASA-2015-0346 Updated ruby-rack packages fix CVE-2015-3225
Updated ruby-rack packages fix security vulnerability: lib/rack/utils.rb in Rack before 1.5.4 allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth (CVE-2015-3225)...
[SECURITY] [DSA 3322-1] ruby-rack security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3322-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 31, 2015 https://www.debian.org/security/faq...
Debian DSA-3322-1 : ruby-rack - security update
Tomek Rabczak from the NCC Group discovered a flaw in the normalize_params method in Rack, a modular Ruby webserver interface. A remote attacker can use this flaw via specially crafted requests to cause a SystemStackError and potentially cause a denial of service condition for the service...
[SECURITY] [DSA 3322-1] ruby-rack security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3322-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 31, 2015 https://www.debian.org/security/faq -...
DSA-3322-1 ruby-rack - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3322-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)
The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12. The Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5. The updates fix various security issues and bugs. ...
GLSA-201405-10 : Rack: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201405-10 Rack: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with...
MGASA-2014-0156 Updated ruby-rack-ssl packages fix CVE-2014-2538
Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...