Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems rack Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1jajgzLTJ3dzctbXZxN84AA9fb
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 19 days ago
Moderate
GSA_kwCzR0hTQS0yMmYyLXY1N2MtajljeM4AA5mE
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: 5 months ago
Low
GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD
Rack has possible DoS Vulnerability with Range Header
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS01NHJyLTdmdnctNng4Zs4AA5mC
Rack Header Parsing leads to Possible Denial of Service Vulnerability
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS1jNnFnLWNqajgtNDdxcM4AAyIq
Possible Denial of Service Vulnerability in Rack's header parsing
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zaDU3LWhtajMtZ2ozcM4AAyAE
Rack has possible DoS Vulnerability in Multipart MIME parsing
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 1 year ago
Low
GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0
Denial of Service Vulnerability in Rack Content-Disposition parsing
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02NWY1LW1mcGYtdmZoas4AAxDt
Denial of service via header parsing in Rack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1ycXYyLTI3NXgtMmpxNc4AAxDs
Denial of service via multipart parsing in Rack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oeHF4LXh3dmgtNDRtMs4AArQW
Denial of Service Vulnerability in Rack Multipart Parsing
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13cTRoLTdyNDItNWhycs4AArQV
Possible shell escape sequence injection vulnerability in Rack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 60.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12NmozLTdqcnctaHEycM4AAe7J
Rack Gem Subject to Denial of Service via Hash Collisions
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-parent, rack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Yzg1LTMybWYteHB2OM3iYQ
Rack arbitrary code execution via timing attack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12ODgyLWNjajYtamM0OM3iGw
Rack vulnerable to Denial of Service
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmOWgtOXBqdi12Nmo3
Directory traversal in Rack::Directory app bundled with Rack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2dzktZnY2cS0zcTUy
Rack allows Percent-encoded cookies to overwrite existing prefixed cookie names
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhycXItaHhwcC1jaHIz
Possible Information Leak / Session Hijack Vulnerability in Rack
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyMnAtajQ3aC1taHBn
Rack vulnerable to Cross-site Scripting
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNzgtNGY2eC05OXdx
Rack vulnerable to Denial of Service
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cjctdzVtdi1jODQ5
Rack Vulnerable to Path Traversal
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3N3gtbTVxOC1jMjlo
Rack vulnerable to REDoS
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweGgtaDhody1tajh3
Rack rubygems receiving excessively long lines triggers out-of-memory error
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJncjQtOWpoNS1qNGo2
Rack vulnerable to Denial of Service via large parameter depth request
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Statistics
Advisories: 19,557
Packages: 8,629
Repositories: 2
Ecosystems: 12
Filter by Package
actionpack 58 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 publify_core 14 activesupport 14 passenger 13 actionview 12 rails 11 puma 11 fat_free_crm 10 jquery-rails 9 decidim 9 rails-html-sanitizer 9 jquery 8 org.webjars.npm:jquery 8 org.jruby:jruby-stdlib 7 jQuery 7 jQuery.UI.Combined 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 camaleon_cms 6 katello 6 doorkeeper 6 ember-source 6 loofah 6 spree_auth_devise 5 bundler 5 spree 5 sidekiq 5 commonmarker 5 grpc 4 grpcio 4 rails_admin 4 avo 4 devise 4 carrierwave 4 mail 4 sanitize 4 webrick 4 sinatra 4 dragonfly 4 fluentd 4 activestorage 4 yard 3 cgi 3 resque 3 bootstrap 3 gollum 3 omniauth 3 rest-client 3 geminabox 3 bootstrap 3 private_address_check 3 rexml 3 chartkick 3 rubyzip 3 io.grpc:grpc-protobuf 3 rdoc 3 rack-cors 3 phlex 3 json-jwt 3 decidim-core 3 activeadmin 3 git 3 openssl 3 ruby-saml 3 faye 2 twitter-bootstrap-rails 2 logstash-core 2 redcarpet 2 json 2 uri 2 httparty 2 VladTheEnterprising 2 omniauth-facebook 2 ox 2 echor 2 mini_magick 2 facter 2 yajl-ruby 2 git-fastclone 2 net-ldap 2 spina 2 bson 2 paperclip 2 kaminari 2 user_agent_parser 2 pghero 2 devise-two-factor 2 solidus_frontend 2 secure_headers 2 pdfkit 2 cocoapods-downloader 2 radiant 2 field_test 2 qiita-markdown 2 kramdown 2 decidim-templates 2 sprockets 2 mechanize 2 pyarrow 2 safemode 2 red-arrow 2 mapbox.js 2 i18n 2 google-protobuf 2 com.google.protobuf:protobuf-kotlin 2 administrate 2 sup 2 pageflow 2 mapbox-rails 2 com.google.protobuf:protobuf-java 2 bootstrap-sass 2 decidim-admin 2 view_component 2 ruby-openid 2 solidus_core 2 actiontext 2 paratrooper-newrelic 1 octopoller 1 jmespath 1 trilogy 1 date 1 github.com/github/hub 1 hub 1 sentry-raven 1 websocket-extensions 1 ruby_parser 1 railties 1 foreman_ansible 1 gitlab-grit 1 geokit-rails 1 multi_xml 1 keynote 1 padrino-contrib 1 bolt 1 omniauth-microsoft_graph 1 lynx 1 rubocop 1 ruby-mysql 1 kafo 1 hammer_cli_foreman 1 jruby-openssl 1 redcloth 1 em-http-request 1 command_wrap 1 gtk2 1 rotp 1 @turbo-boost/commands 1 activejob 1 personnummer 1 turbo_boost-commands 1 kcapifony 1 brbackup 1 discordrb 1 rmagick 1 diffy 1 recurly 1 solidus_backend 1 md2pdf 1 sounder 1 ldap_fluff 1 resque-scheduler 1 xapian-core 1 mixlib-archive 1 rswag 1 pdf_info 1 inline_svg 1 foreman_fog_proxmox 1 message_bus 1 shrine 1 papercrop 1 omniauth-auth0 1 spree_api 1 omniauth-apple 1 asciidoctor 1 audited 1 govuk_tech_docs 1 oauth 1 clockwork_web 1 trestle-auth 1 point-cli 1 openshift-origin-node 1 decidim-system 1 lean-ruport 1 flash_tool 1 tweetstream 1 ftpd 1 twitter-stream 1 pysha3 1 better_errors 1 sha3 1 mongrel 1 unpoly-rails 1 cap-strap 1 ruby-jss 1