RHEL 9 : pcs (RHSA-2025:8256)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8256 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack:...
openSUSE Security Advisory (SUSE-SU-2025:01586-1)
The remote host is missing an update for the...
SUSE SLES15 / openSUSE 15 Security Update : rubygem-rack (SUSE-SU-2025:01586-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01586-1 advisory. - CVE-2025-46727: possible memory exhaustion due to unbounded parameter parsing in Rack::QueryParser (bsc#1242894). - CVE-2025-3244...
SUSE-SU-2025:01586-1 Security update for rubygem-rack
This update for rubygem-rack fixes the following issues: - CVE-2025-46727: possible memory exhaustion due to unbounded parameter parsing in Rack::QueryParser (bsc#1242894). - CVE-2025-32441: deleted sessions can be restored and occupied by unauthenticated users when the Rack::Session::Pool middlewar...
rubygem-rack: Possible Log Injection in Rack::CommonLogger
A flaw was found in the rubygem-rack package. When a user provides the authorization credentials via Rack::Auth::Basic, if successful, the username is placed in env['REMOTE_USER'] and later used by Rack::CommonLogger for logging purposes. The issue occurs when a server intentionally or unintentional...
openSUSE Security Advisory (SUSE-SU-2025:1492-1)
The remote host is missing an update for the...
openSUSE 15 Security Update : rubygem-rack-1_6 (SUSE-SU-2025:1492-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1492-1 advisory. - CVE-2025-27111: Fixed Escape Sequence Injection vulnerability (bsc#1238607). Tenable has extracted the preceding description block directly from the SUSE...
OPENSUSE-SU-2025:15067-1 ruby3.4-rubygem-rack-2.2-2.2.14-1.1 on GA media
These are all security issues fixed in the ruby3.4-rubygem-rack-2.2-2.2.14-1.1 package on the GA media of openSUSE Tumbleweed...
openSUSE Security Advisory (SUSE-SU-2025:0858-1)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2025:0874-1)
The remote host is missing an update for the...
Security update for rubygem-rack
This update for rubygem-rack fixes the following issues: - CVE-2025-25184: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1237141). - CVE-2025-27111: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1238607)...
SUSE-SU-2025:0874-1 Security update for rubygem-rack
This update for rubygem-rack fixes the following issues: - CVE-2025-25184: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1237141). - CVE-2025-27111: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1238607). -...
openSUSE 15 Security Update : rubygem-rack-1_6 (SUSE-SU-2025:0858-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0858-1 advisory. - CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298). - CVE-2025-25184:...
Security update for rubygem-rack-1_6
This update for rubygem-rack-1_6 fixes the following issues: - CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298). - CVE-2025-25184: Fixed Rack::CommonLogger log entry manipulation (bsc#1237141). Patch Instructions: To install...
SUSE-SU-2025:0858-1 Security update for rubygem-rack-1_6
This update for rubygem-rack-1_6 fixes the following issues: - CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298). - CVE-2025-25184: Fixed Rack::CommonLogger log entry manipulation (bsc#1237141)...
OPENSUSE-SU-2025:14876-1 ruby3.4-rubygem-rack-2.2-2.2.13-1.1 on GA media
These are all security issues fixed in the ruby3.4-rubygem-rack-2.2-2.2.13-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12773-1 ruby3.1-rubygem-rack-3.0.4.2-1.1 on GA media
These are all security issues fixed in the ruby3.1-rubygem-rack-3.0.4.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12784-1 ruby3.1-rubygem-rack-2.2-2.2.6.3-1.1 on GA media
These are all security issues fixed in the ruby3.1-rubygem-rack-2.2-2.2.6.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11344-1 ruby2.7-rubygem-rack-2.2.3-1.7 on GA media
These are all security issues fixed in the ruby2.7-rubygem-rack-2.2.3-1.7 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11345-1 ruby2.7-rubygem-rack-1_6-1.6.13-1.13 on GA media
These are all security issues fixed in the ruby2.7-rubygem-rack-1_6-1.6.13-1.13 package on the GA media of openSUSE Tumbleweed...