Lucene search
Veracode Vulnerability DatabaseVERACODE:45693HistoryFeb 29, 2024 - 6:31 a.m.
Denial Of Service (DoS)
2024-02-2906:31:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
rack vulnerability
range headers
dos attack
improper handling
large response
Rack is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of Range headers, allowing an attacker to craft headers in a way that results in an unexpectedly large response, which can result in Denial of Service (DoS).
References
discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
github.com/advisories/GHSA-xj5v-6v4g-jfw6
github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9
github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b
github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6
github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml
lists.debian.org/debian-lts-announce/2024/04/msg00022.html
Related
debiancve
debiancve
CVE-2024-26141
2024-02-29 00:15:51
github
github
Rack has possible DoS Vulnerability with Range Header
2024-02-28 22:57:12
wolfi
wolfi
CVE-2024-26141 vulnerabilities
2024-06-02 03:07:39
prion
prion
Design/Logic Flaw
2024-02-29 00:15:00
ubuntucve
ubuntucve
CVE-2024-26141
2024-02-29 00:00:00
cve
cve
CVE-2024-26141
2024-02-29 00:15:51
cgr
cgr
CVE-2024-26141 vulnerabilities
2024-05-19 03:07:16
osv
osv
CVE-2024-26141
2024-02-29 00:15:51
Rack has possible DoS Vulnerability with Range Header
2024-02-28 22:57:12
ruby-rack - security update
2024-05-24 00:00:00
redhatcve
redhatcve
CVE-2024-26141
2024-02-23 03:02:28
cvelist
cvelist
CVE-2024-26141 Possible DoS Vulnerability with Range Header in Rack
2024-02-28 23:28:10
rubygems
rubygems
Possible DoS Vulnerability with Range Header in Rack
2024-02-20 21:00:00
nessus
nessus
RHEL 8 : pcs (RHSA-2024:2007)
2024-04-24 00:00:00
RHEL 8 : pcs (RHSA-2024:3431)
2024-05-28 00:00:00
Ubuntu 23.10 : Rack vulnerabilities (USN-6689-1)
2024-03-12 00:00:00
debian
debian
[SECURITY] [DSA 5698-1] ruby-rack security update
2024-05-24 16:43:43
[SECURITY] [DLA 3800-1] ruby-rack security update
2024-04-29 09:44:51
oraclelinux
oraclelinux
pcs security update
2024-05-02 00:00:00
pcs security update
2024-05-23 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5698-1)
2024-05-27 00:00:00
Debian: Security Advisory (DLA-3800-1)
2024-04-30 00:00:00
Ubuntu: Security Advisory (USN-6689-1)
2024-03-13 00:00:00
redhat
redhat
(RHSA-2024:2953) Moderate: pcs security update
2024-05-22 06:35:11
(RHSA-2024:2581) Moderate: pcs security update
2024-04-30 14:00:44
(RHSA-2024:1846) Moderate: pcs security update
2024-04-16 15:03:20
mageia
mageia
Updated ruby-rack packages fix security vulnerabilities
2024-04-12 23:45:19
ubuntu
ubuntu
Rack vulnerabilities
2024-03-12 00:00:00
almalinux
almalinux
Moderate: pcs security update
2024-05-22 00:00:00
amazon
amazon
Medium: pcs
2024-03-13 20:26:00
redos
redos
ROS-20240508-01
2024-05-08 00:00:00