Ruby on Rails: Action Text ReDoS (Ruby 3.1 or lower)
A vulnerability was discovered in the ActionText component of the Rails web framework, affecting applications running on Ruby 3.1 or lower. The vulnerability is a Regular Expression Denial of Service (ReDoS) issue in the plain_text_for_blockquote_node method. This method was used in the...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in Action Dispatch's Accept header parsing. Note: This is only vulnerable on applications based on Ruby prior to 3.2. Details: Denial of Service (DoS) describes a family of attacks, all aimed at...
SUSE CVE-2024-26146
Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ru...
SUSE CVE-2024-26141
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the...
PT-2024-5871 · Unknown +1 · Ruby On Rails +1
Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 7.1.3.1; Ruby on Rails versions prior to 7.0.8.1. Description: There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate,...
PT-2024-1928
Name of the Vulnerable Software and Affected Versions: Rack versions prior to 2.0.9.4; Rack versions prior to 2.1.4.4; Rack versions prior to 2.2.8.1; Rack versions prior to 3.0.9.1. Description: The issue is related to the header parsing in Rack, which can be exploited by carefully crafted headers,...
Possible Sensitive Session Information Leak in Active Storage
There is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user’s session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak...
Possible ReDoS vulnerability in Accept header parsing in Action Dispatch
There is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-26142. Versions Affected: >= 7.1.0, < 7.1.3.1. Not affected: < 7.1.0. Fixed Versions: 7.1.3.1. Impact: Carefully crafted Accept headers can cau...
Possible Denial of Service Vulnerability in Rack Header Parsing
There is a possible denial of service vulnerability in the header parsing routines in Rack. This vulnerability has been assigned the CVE identifier CVE-2024-26146. Versions Affected: All. Not affected: None. Fixed Versions: 2.0.9.4, 2.1.4.4, 2.2.8.1, 3.0.9.1. Impact: Carefully crafted headers can...
oniguruma: Use-after-free in onig_new_deluxe() in regext.c
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
Mageia: Security Advisory (MGASA-2024-0042)
The remote host is missing an update for the...
Updated ruby-rack fixes a vulnerability and some bugs
This update to 2.2.8 fixes CVE-2023-27539 and some bugs...
Exploit for Improper Access Control in Joomla!
Joomla! options Arguments - url: Root URL base...
rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests...
gRPC: file descriptor exhaustion leads to denial of service
A flaw was found in gRPC. Lack of error handling in the TCP server in Google's gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++,...
OESA-2024-1146 rubygem-actionpack security update
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A regular expression based DoS vulnerability in Action Dispatch 6.0.6.1,...
Important Photon OS Security Update - PHSA-2024-4.0-0562
Updates of 'ruby' packages of Photon OS have been released...
CentOS 8 : pcs (CESA-2023:3082)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3082 advisory. - A DoS vulnerability exists in Rack v3.0.4.2, v2.2.6.3, v2.1.4.3 and v2.0.9.3 in the multipart MIME parsing code, which could allow an attack...
Debian: Security Advisory (DSA-5616-1)
The remote host is missing an update for the Debian...