Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems

rack

rubygems

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.

View on github.com · View on rubygems.org

Security Advisories for rack in rubygems

High
24 days ago

Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing GSA_kwCzR0hTQS02eHc0LTN2MzktNTJtbc4ABNQi

rubygems rack
Moderate
24 days ago

Rack has a Possible Information Disclosure Vulnerability GSA_kwCzR0hTQS1yNjU3LXJ4amMtajU1N84ABNQh

rubygems rack
High
27 days ago

Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion) GSA_kwCzR0hTQS13cHY1LTk3d20taHA5Y84ABNDU

rubygems rack
High
27 days ago

Rack: Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion) GSA_kwCzR0hTQS13OXBjLWZtZ2Mtdnh2d84ABNDT

rubygems rack
High
27 days ago

Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) GSA_kwCzR0hTQS1wNTQzLXhwZm0tNTRjcM4ABNDS

rubygems rack
High
about 1 month ago

Rack has an unsafe default in Rack::QueryParser allows params_limit bypass via semicolon-separated parameters GSA_kwCzR0hTQS02MjVoLTk1cjgtOHhwbc4ABMpX

rubygems rack
Moderate
5 months ago

ReDoS Vulnerability in Rack::Multipart handle_mime_head GSA_kwCzR0hTQS00N20yLTI2cnctajJqd84ABIp_

rubygems rack
High
6 months ago

Rack has an Unbounded-Parameter DoS in Rack::QueryParser GSA_kwCzR0hTQS1namg3LXAyZngtOTl2eM4ABHo_

rubygems rack
Moderate
6 months ago

Rack session gets restored after deletion GSA_kwCzR0hTQS12cGZ3LTQ3aDcteGo0Z84ABHo9

rubygems rack
High
8 months ago

Local File Inclusion in Rack::Static GSA_kwCzR0hTQS03d3FoLTc2N3gtcjY2ds4ABFQr

rubygems rack
Moderate
8 months ago

Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection GSA_kwCzR0hTQS04Y2dxLTZtaDItN2o2ds4ABFEg

rubygems rack
Moderate
9 months ago

Possible Log Injection in Rack::CommonLogger GSA_kwCzR0hTQS03ZzJ2LWpqOXEtZzNyZ84ABEZ0

rubygems rack
Moderate
over 1 year ago

Rack ReDoS Vulnerability in HTTP Accept Headers Parsing GSA_kwCzR0hTQS1jajgzLTJ3dzctbXZxN84AA9fb

rubygems rack
Moderate
over 1 year ago

Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial) GSA_kwCzR0hTQS0yMmYyLXY1N2MtajljeM4AA5mE

rubygems rack
Low
over 1 year ago

Rack has possible DoS Vulnerability with Range Header GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD

rubygems rack
Low
over 1 year ago

Rack Header Parsing leads to Possible Denial of Service Vulnerability GSA_kwCzR0hTQS01NHJyLTdmdnctNng4Zs4AA5mC

rubygems rack
Low
over 2 years ago

Possible Denial of Service Vulnerability in Rack's header parsing GSA_kwCzR0hTQS1jNnFnLWNqajgtNDdxcM4AAyIq

rubygems rack
High
over 2 years ago

Rack has possible DoS Vulnerability in Multipart MIME parsing GSA_kwCzR0hTQS0zaDU3LWhtajMtZ2ozcM4AAyAE

rubygems rack
Low
almost 3 years ago

Denial of Service Vulnerability in Rack Content-Disposition parsing GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0

rubygems rack
High
almost 3 years ago

Denial of service via header parsing in Rack GSA_kwCzR0hTQS02NWY1LW1mcGYtdmZoas4AAxDt

rubygems rack
Low
almost 3 years ago

Denial of service via multipart parsing in Rack GSA_kwCzR0hTQS1ycXYyLTI3NXgtMmpxNc4AAxDs

rubygems rack
High
over 3 years ago

Denial of Service Vulnerability in Rack Multipart Parsing GSA_kwCzR0hTQS1oeHF4LXh3dmgtNDRtMs4AArQW

rubygems rack
Critical
over 3 years ago

Possible shell escape sequence injection vulnerability in Rack GSA_kwCzR0hTQS13cTRoLTdyNDItNWhycs4AArQV

rubygems rack
Moderate
over 3 years ago

Rack Gem Subject to Denial of Service via Hash Collisions GSA_kwCzR0hTQS12NmozLTdqcnctaHEycM4AAe7J

maven, rubygems org.jruby:jruby-parent, rack
Moderate
over 3 years ago

Rack arbitrary code execution via timing attack GSA_kwCzR0hTQS14Yzg1LTMybWYteHB2OM3iYQ

rubygems rack
Moderate
over 3 years ago

Rack vulnerable to Denial of Service GSA_kwCzR0hTQS12ODgyLWNjajYtamM0OM3iGw

rubygems rack
High
over 5 years ago

Directory traversal in Rack::Directory app bundled with Rack MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmOWgtOXBqdi12Nmo3

rubygems rack
High
over 5 years ago

Rack allows Percent-encoded cookies to overwrite existing prefixed cookie names MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2dzktZnY2cS0zcTUy

rubygems rack
Moderate
almost 6 years ago

Possible Information Leak / Session Hijack Vulnerability in Rack MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhycXItaHhwcC1jaHIz

rubygems rack
Moderate
almost 7 years ago

Rack vulnerable to Cross-site Scripting MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyMnAtajQ3aC1taHBn

rubygems rack
High
almost 7 years ago

Rack vulnerable to Denial of Service MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNzgtNGY2eC05OXdx

rubygems rack
Moderate
about 8 years ago

Rack rubygems receiving excessively long lines triggers out-of-memory error MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweGgtaDhody1tajh3

rubygems rack
Moderate
about 8 years ago

Rack Vulnerable to Path Traversal MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cjctdzVtdi1jODQ5

rubygems rack
Moderate
about 8 years ago

Rack vulnerable to REDoS MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3N3gtbTVxOC1jMjlo

rubygems rack
Moderate
about 8 years ago

Rack vulnerable to Denial of Service via large parameter depth request MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJncjQtOWpoNS1qNGo2

rubygems rack

Filter by Severity

Moderate 16 High 13 Low 5 Critical 1