
218 matches found

SUSE CVE
added 2025/10/11 11:21 p.m. | 4 views

SUSE CVE-2025-61780

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 6.4 | EPSS 0.0044
Exploits: 0 | References: 4

Snyk
added 2025/10/10 5:41 p.m. | 6 views

Information Exposure

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

CVSS 6.9 | AI score 6.5 | EPSS 0.0044
Exploits: 0 | References: 2

Github Security Blog
added 2025/10/10 5:31 p.m. | 7 views

Rack has a Possible Information Disclosure Vulnerability

Summary A possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to miscommunicate with the proxy and trigger unintended internal requests, potentially...

CVSS 5.8 | AI score 6.4 | EPSS 0.0044
Exploits: 0 | References: 7 | Affected Software: 1

OSV
added 2025/10/10 5:31 p.m. | 4 views

GHSA-R657-RXJC-J557 Rack has a Possible Information Disclosure Vulnerability

Summary A possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to miscommunicate with the proxy and trigger unintended internal requests, potentially...

CVSS 5.8 | AI score 6.4 | EPSS 0.0044
Exploits: 0 | References: 7

NVD
added 2025/10/10 5:15 p.m. | 9 views

CVE-2025-61780

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | EPSS 0.0044
Exploits: 0 | References: 4

OSV
added 2025/10/10 5:15 p.m. | 4 views

DEBIAN-CVE-2025-61780

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.3 | AI score 5.5 | EPSS 0.0044
Exploits: 0 | References: 1

OSV
added 2025/10/10 5:15 p.m. | 3 views

UBUNTU-CVE-2025-61780

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 6.8 | EPSS 0.0044
Exploits: 0 | References: 10

CVE
added 2025/10/10 4:53 p.m. | 33 views

CVE-2025-61780

CVE-2025-61780 (Rack) affects Rack, a modular Ruby web server interface. The IBM security bulletin and Debian advisories describe a vulnerability in Rack::Sendfile when used behind a proxy that supports x-accel-redirect/x-sendfile headers. By sending crafted headers, an attacker could cause Rack:...

CVSS 5.8 | AI score 5.9 | EPSS 0.0044
Exploits: 0 | References: 4 | Affected Software: 1

Vulnrichment
added 2025/10/10 4:53 p.m. | 3 views

CVE-2025-61780 Rack has Possible Information Disclosure Vulnerability

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 5.9 | EPSS 0.0044
Exploits: 0 | References: 4

Cvelist
added 2025/10/10 4:53 p.m. | 28 views

CVE-2025-61780 Rack has Possible Information Disclosure Vulnerability

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | EPSS 0.0044
Exploits: 0 | References: 4

EUVD
added 2025/10/10 4:53 p.m. | 7 views

EUVD-2025-33749

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 5.8 | EPSS 0.0044
Exploits: 0 | References: 5

Debian CVE
added 2025/10/10 4:53 p.m. | 4 views

CVE-2025-61780

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 5.5 | EPSS 0.0044
Exploits: 0

OSV
added 2025/10/10 4:53 p.m. | 3 views

CVE-2025-61780 Rack has Possible Information Disclosure Vulnerability

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...

CVSS 5.8 | AI score 6 | EPSS 0.0044
Exploits: 0 | References: 6

CNNVD
added 2025/10/10 12:0 a.m. | 4 views

Rack Security Vulnerability

Rack is a modular Ruby web server interface open-sourced by Rack. A security vulnerability exists in Rack versions prior to 2.2.20, 3.1.18, and 3.2.3, which stems from the possibility that Rack::Sendfile may bypass proxy access restrictions when handling specially crafted headers, leading to...

CVSS 5.8 | AI score 6.5 | EPSS 0.0044
Exploits: 0 | References: 4

Positive Technologies
added 2025/10/10 12:0 a.m. | 5 views

PT-2025-41580

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.20 Rack versions prior to 3.1.18 Rack versions prior to 3.2.3 Description Rack is a modular Ruby web server interface. A potential information disclosure issue existed in Rack::Sendfile when operating behind a proxy...

CVSS 5.8 | AI score 6.7 | EPSS 0.0044
Exploits: 0 | References: 52

RubySec
added 2025/10/10 12:0 a.m. | 7 views

Rack has a Possible Information Disclosure Vulnerability

Summary A possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to miscommunicate with the proxy and trigger unintended internal requests, potentially...

CVSS 5.8 | AI score 6.1 | EPSS 0.0044
Exploits: 0 | References: 1 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-0787

Malware in sbrugna...

CVSS 4.9 | AI score 6.1 | EPSS 0.00409
Exploits: 2 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2008-3652

Malware in sbrugna...

CVSS 7.1 | AI score 6.4 | EPSS 0.01726
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2013-5505

Malware in sbrugna...

CVSS 4.7 | AI score 6.2 | EPSS 0.00306
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2005-0709

Malware in sbrugna...

CVSS 10 | AI score 6.1 | EPSS 0.02268
Exploits: 0 | References: 3