Lucene search
Ubuntu.comUB:CVE-2012-6109HistoryMar 01, 2013 - 12:00 a.m.
CVE-2012-6109
2013-03-0100:00:00
ubuntu.com
ubuntu.com
13
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.2%
lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x
before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression,
which allows remote attackers to cause a denial of service (infinite loop)
via a crafted Content-Disposion header.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 13.10 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 14.04 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 14.10 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 15.04 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 15.10 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 16.04 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 16.10 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
| ubuntu | 17.04 | noarch | ruby-rack | < 1.5.2-1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2013-03-01 05:40:00
osv
osv
Rack vulnerable to REDoS
2017-10-24 18:33:37
veracode
veracode
Denial Of Service (DoS) Infinite Loop
2019-01-15 08:58:11
github
github
Rack vulnerable to REDoS
2017-10-24 18:33:37
debiancve
debiancve
CVE-2012-6109
2013-03-01 05:40:00
cve
cve
CVE-2012-6109
2013-03-01 05:40:00
rubygems
rubygems
CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS
2012-05-03 20:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-rack-1.4.0-4.fc18
2013-01-25 21:37:50
[SECURITY] Fedora 17 Update: rubygem-rack-1.4.0-3.fc17
2013-01-25 21:44:01
[SECURITY] Fedora 16 Update: rubygem-rack-1.3.0-3.fc16
2013-01-25 21:34:26
openvas
openvas
Fedora Update for rubygem-rack FEDORA-2013-0837
2013-01-28 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-0861
2013-01-28 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-0837
2013-01-28 00:00:00
nessus
nessus
Fedora 17 : rubygem-rack-1.4.0-3.fc17 (2013-0861)
2013-01-28 00:00:00
Fedora 16 : rubygem-rack-1.3.0-3.fc16 (2013-0896)
2013-01-28 00:00:00
Fedora 18 : rubygem-rack-1.4.0-4.fc18 (2013-0837)
2013-01-28 00:00:00
gentoo
gentoo
Rack: Multiple vulnerabilities
2014-05-17 00:00:00
redhat
redhat
(RHSA-2013:0544) Important: Subscription Asset Manager 1.2 update
2013-02-21 00:00:00
suse
suse
Security update for rubygem-merb-core (important)
2013-03-20 17:04:42
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.2%
Related for UB:CVE-2012-6109