Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems rack Security Advisories
Browse all Security Advisories for rubygems rack
Loading...
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 5 months ago
GSA_kwCzR0hTQS1jajgzLTJ3dzctbXZxN84AA9fb
Rack ReDoS Vulnerability in HTTP Accept Headers ParsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: 9 months ago
GSA_kwCzR0hTQS0yMmYyLXY1N2MtajljeM4AA5mE
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: 9 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD
Rack has possible DoS Vulnerability with Range HeaderEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS01NHJyLTdmdnctNng4Zs4AA5mC
Rack Header Parsing leads to Possible Denial of Service VulnerabilityEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jNnFnLWNqajgtNDdxcM4AAyIq
Possible Denial of Service Vulnerability in Rack's header parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 1 year ago
GSA_kwCzR0hTQS0zaDU3LWhtajMtZ2ozcM4AAyAE
Rack has possible DoS Vulnerability in Multipart MIME parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0
Denial of Service Vulnerability in Rack Content-Disposition parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: almost 2 years ago
GSA_kwCzR0hTQS02NWY1LW1mcGYtdmZoas4AAxDt
Denial of service via header parsing in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ycXYyLTI3NXgtMmpxNc4AAxDs
Denial of service via multipart parsing in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 2 years ago
GSA_kwCzR0hTQS1oeHF4LXh3dmgtNDRtMs4AArQW
Denial of Service Vulnerability in Rack Multipart ParsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 60.2
Published: over 2 years ago
GSA_kwCzR0hTQS13cTRoLTdyNDItNWhycs4AArQV
Possible shell escape sequence injection vulnerability in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 60.2
Published: over 2 years ago
Moderate
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-parent, rack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12NmozLTdqcnctaHEycM4AAe7J
Rack Gem Subject to Denial of Service via Hash CollisionsEcosystems: maven, rubygems
Packages: org.jruby:jruby-parent, rack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS14Yzg1LTMybWYteHB2OM3iYQ
Rack arbitrary code execution via timing attackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS12ODgyLWNjajYtamM0OM3iGw
Rack vulnerable to Denial of ServiceEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmOWgtOXBqdi12Nmo3
Directory traversal in Rack::Directory app bundled with RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2dzktZnY2cS0zcTUy
Rack allows Percent-encoded cookies to overwrite existing prefixed cookie namesEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhycXItaHhwcC1jaHIz
Possible Information Leak / Session Hijack Vulnerability in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 5 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyMnAtajQ3aC1taHBn
Rack vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 6 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNzgtNGY2eC05OXdx
Rack vulnerable to Denial of ServiceEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 6 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cjctdzVtdi1jODQ5
Rack Vulnerable to Path TraversalEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweGgtaDhody1tajh3
Rack rubygems receiving excessively long lines triggers out-of-memory errorEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3N3gtbTVxOC1jMjlo
Rack vulnerable to REDoSEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJncjQtOWpoNS1qNGo2
Rack vulnerable to Denial of Service via large parameter depth requestEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 2
Ecosystems: 12
Packages: 9,040
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
60
nokogiri
43
rubygems-update
25
puppet
23
rack
23
activerecord
21
activesupport
14
camaleon_cms
14
publify_core
14
passenger
13
puma
12
actionview
12
decidim
11
rails
11
fat_free_crm
10
rails-html-sanitizer
9
bootstrap
9
jquery-rails
9
twbs/bootstrap
9
org.webjars:bootstrap
9
bootstrap
9
bootstrap
9
jquery
8
org.webjars.npm:jquery
8
bootstrap-sass
8
jquery-ui
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
jquery-ui-rails
7
rexml
7
bootstrap.sass
7
org.jruby:jruby-stdlib
7
jQuery
7
katello
6
doorkeeper
6
ember-source
6
loofah
6
bootstrap-sass
5
spree_auth_devise
5
webrick
5
commonmarker
5
grpc
5
grpcio
5
sidekiq
5
spree
5
bundler
5
sinatra
5
mail
4
rails_admin
4
ruby-saml
4
devise
4
carrierwave
4
dragonfly
4
fluentd
4
activestorage
4
avo
4
sanitize
4
gollum
3
geminabox
3
rdoc
3
json-jwt
3
rest-client
3
git
3
decidim-admin
3
openssl
3
openc3
3
openc3
3
chartkick
3
com.google.protobuf:protobuf-java
3
com.google.protobuf:protobuf-kotlin
3
google-protobuf
3
io.grpc:grpc-protobuf
3
decidim-core
3
activeadmin
3
spina
3
yard
3
resque
3
cgi
3
devise-two-factor
3
actiontext
3
private_address_check
3
phlex
3
rack-cors
3
rubyzip
3
omniauth
3
paperclip
2
json
2
twitter-bootstrap-rails
2
pdfkit
2
facter
2
com.google.protobuf:protobuf-kotlin-lite
2
maximebf/debugbar
2
radiant
2
com.google.protobuf:protobuf-javalite
2
bson
2
echor
2
pghero
2
mini_magick
2
secure_headers
2
org.webjars.npm:bootstrap
2
kramdown
2
uri
2
ruby-openid
2
safemode
2
administrate
2
decidim-templates
2
qiita-markdown
2
view_component
2
user_agent_parser
2
solidus_core
2
field_test
2
decidim-meetings
2
actionmailer
2
VladTheEnterprising
2
httparty
2
pyarrow
2
omniauth-saml
2
red-arrow
2
net-ldap
2
faye
2
kaminari
2
redcarpet
2
solidus_frontend
2
sidekiq-unique-jobs
2
sup
2
mechanize
2
pageflow
2
sprockets
2
mapbox.js
2
i18n
2
ox
2
omniauth-facebook
2
logstash-core
2
cocoapods-downloader
2
git-fastclone
2
mapbox-rails
2
@openc3/tool-common
2
yajl-ruby
2
uglifier
1
moped
1
decidim-decidim_awesome
1
paratrooper-pingdom
1
jquery
1
net.sf.mpxj:mpxj
1
handlebars
1
mpxj
1
mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
MPXJ.Net
1
netaddr
1
stimulus_reflex
1
ldoce
1
stimulus_reflex
1
sfpagent
1
bibtex-ruby
1
update_by_case
1
paratrooper-newrelic
1
rake
1
pwpush
1
image_processing
1
octopoller
1
date
1
sounder
1
md2pdf
1
recurly
1
diffy
1
gollum-lib
1
em-imap
1
discordrb
1
turbo_boost-commands
1
@turbo-boost/commands
1
rotp
1
encoded_id-rails
1
gtk2
1
ruby-mysql
1
opensearch-ruby
1
rubocop
1
omniauth-oauth2
1
uap-core
1
bindata
1
mysql-binuuid-rails
1
random_password_generator
1
iodine
1
haml
1
activeresource
1
apollo_upload_server
1
faye-websocket
1
kitchen-terraform
1
geocoder
1
RedCloth
1
dependabot-omnibus
1
dependabot-common
1
kredis
1
typo3/cms-core
1
typo3/cms
1
simple_form
1
activerecord-session_store
1
open-uri-cached
1
Filter by Repository