PT-2026-29857
Rack versions 3.0.0.beta1 through 3.1.21, and 3.2.0 through 3.2.6 are affected by an issue where the Rack::Request component improperly parses the Host header, accepting characters not permitted in RFC-compliant hostnames such as /, ?, , and @. This can lead to host header poisoning in applicatio...
gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-43785 via gitoxide-core (>=0.10.5 <=0.3.0)
gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0
Source CVEs: CVE-2024-43785
Source advisory: OSV:GHSA-88G2-R9RW-G55H...