Bugs fixes in "ruby-rack"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-27610 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files unde | 2025-03-25 |
| CVE | CVE-2025-27111 | Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacke | 2025-03-25 |
| CVE | CVE-2025-25184 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited | 2025-03-25 |
| CVE | CVE-2025-27610 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files unde | 2025-03-25 |
| CVE | CVE-2025-27111 | Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacke | 2025-03-25 |
| CVE | CVE-2025-25184 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited | 2025-03-25 |
| CVE | CVE-2025-27610 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files unde | 2025-03-25 |
| CVE | CVE-2025-27111 | Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacke | 2025-03-25 |
| CVE | CVE-2025-25184 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited | 2025-03-25 |
| CVE | CVE-2025-27610 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files unde | 2025-03-25 |
| CVE | CVE-2025-27111 | Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacke | 2025-03-25 |
| CVE | CVE-2025-25184 | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited | 2025-03-25 |
| CVE | CVE-2023-27530 | A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an at | 2024-09-26 |
| CVE | CVE-2022-44572 | A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker t | 2024-09-26 |
| CVE | CVE-2022-44571 | There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This coul | 2024-09-26 |
| CVE | CVE-2022-44570 | A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsin | 2024-09-26 |
| CVE | CVE-2022-30123 | A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and Common | 2024-09-26 |
| CVE | CVE-2022-30122 | A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack. | 2024-09-26 |
| CVE | CVE-2024-26146 | Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a p | 2024-09-26 |
| CVE | CVE-2024-26141 | Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Respo | 2024-09-26 |
About
-
Send Feedback to @ubuntu_updates
