rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted...

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impa...

RHEL 9 : pcs (RHSA-2024:1846)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1846 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial ...

RHEL 9 : pcs (RHSA-2024:1841)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1841 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial ...

rubygem-rack: Possible DoS Vulnerability with Range Header in Rack

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Range Header. Carefully crafted range headers can cause a server to respond with an unexpectedly large response. Responding with large responses could lead to a denial of service issue...

rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted...

SUSE-SU-2024:1131-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing bsc1220239. - CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing bsc1220242. - CVE-2024-26146: Fixed a...

SUSE SLES12 Security Update : rubygem-rack-1_4 (SUSE-SU-2024:0946-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0946-1 advisory. - Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack's media type parser to take mu...

SUSE-SU-2024:0946-1 Security update for rubygem-rack-1_4

This update for rubygem-rack-14 fixes the following issues: - CVE-2024-25126: Fixed a Denial of Service Vulnerability in Rack Content-Type Parsing bsc1220239 - CVE-2024-26141: Fixed a Denial of Service Vulnerability in Range request header parsing bsc1220242 - CVE-2024-26146: Fixed a Denial of...

Medium: pcs

Issue Overview: A Denial of Service DoS vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted content type headers can cause Rack's media type parser to take much longer than expected, leading to a possible denial of service vulnerability. CVE-2024-25126 A Denia...

Medium: pcs

Issue Overview: A Denial of Service DoS vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted content type headers can cause Rack's media type parser to take much longer than expected, leading to a possible denial of service vulnerability. CVE-2024-25126 A Denia...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-rack (SUSE-SU-2024:0765-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0765-1 advisory. - Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack's media type parser to take...

SUSE-SU-2024:0765-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing bsc1220239. - CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing bsc1220242. - CVE-2024-26146: Fixed a...

CVE-2024-26146

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Mitigation No mitigati...

CVE-2024-25126

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Content-Type. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability. Mitigation No mitigation is currently...

rubygem-rack: denial of service in Content-Disposition parsing

A flaw was found in rubygem-rack. Rack is vulnerable to a denial of service caused by a regular expression denial of service ReDoS flaw in the multipart parsing component. By sending a specially-crafted input, a remote attacker can cause a denial of service...

rubygem-rack: denial of service in Content-Disposition parsing

A flaw was found in rubygem-rack. Rack is vulnerable to a denial of service caused by a regular expression denial of service ReDoS flaw in the multipart parser. By sending a specially-crafted regex input, a remote attacker can cause a denial of service...

rubygem-rack: denial of service in header parsing

A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service...

Moderate: Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update

Logging Subsystem 5.7.2 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

rubygem-rack: denial of service in header parsing

A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service...