Lucene search
+L

4 matches found

nessus
nessus
added 2026/04/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-34830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfilemapaccelpath interpolates the value of the X-Accel-Mappi...

7.5CVSS7AI score0.00209EPSS
Exploits0References4
osv
osv
added 2026/04/02 8:35 p.m.16 views

GHSA-QV7J-4883-HWH7 Rack::Sendfile header-based X-Accel-Mapping regex injection enables unauthorized X-Accel-Redirect

Summary Rack::Sendfilemapaccelpath interpolates the value of the X-Accel-Mapping request header directly into a regular expression when rewriting file paths for X-Accel-Redirect. Because the header value is not escaped, an attacker who can supply X-Accel-Mapping to the backend can inject regex...

5.9CVSS5.9AI score0.00209EPSS
Exploits0References4
osv
osv
added 2026/04/02 4:47 p.m.3 views

CVE-2026-34830 Rack: Rack::Sendfile regex injection via HTTP_X_ACCEL_MAPPING header allows arbitrary file reads through nginx

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfilemapaccelpath interpolates the value of the X-Accel-Mapping request header directly into a regular expression when rewriting file paths for X-Accel-Redirect. Because the header value is not...

5.9CVSS7AI score0.00209EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.14 views

PT-2026-29818

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.23, 3.1.21, and 3.2.6 Description Rack’s Rack::Sendfilemap accel path function directly uses the X-Accel-Mapping request header value in a regular expression for rewriting file paths used with X-Accel-Redirect. Becau...

7.8CVSS5.9AI score0.00369EPSS
Exploits0References55
Rows per page
Query Builder