Information on source package ruby-rack

Available versions

ReleaseVersion
buster2.0.6-3
buster (security)2.0.6-3+deb10u1
bullseye2.1.4-3
bookworm2.2.4-2
sid2.2.4-2

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-30123fixedvulnerablefixedfixedPossible shell escape sequence injection vulnerability in Rack
CVE-2022-30122fixedvulnerablefixedfixedDenial of Service Vulnerability in Rack Multipart Parsing
CVE-2020-8184vulnerable (no DSA)fixedfixedfixedA reliance on cookies without validation/integrity check security vuln ...
CVE-2020-8161vulnerable (no DSA)fixedfixedfixedA directory traversal vulnerability exists in rack < 2.2.0 that all ...
CVE-2019-16782vulnerable (no DSA)fixedfixedfixedThere's a possible information leak / session hijack vulnerability in ...

Resolved issues

BugDescription
CVE-2018-16471There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...
CVE-2018-16470There is a possible DoS vulnerability in the multipart parser in Rack ...
CVE-2015-3225lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used ...
CVE-2013-0263Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, ...
CVE-2013-0262rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before ...
CVE-2013-0184Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x ...
CVE-2013-0183multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 ...
CVE-2012-6109lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x ...
CVE-2011-5036Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...

Security announcements

DSA / DLADescription
DLA-3095-1ruby-rack - security update
DLA-2275-1ruby-rack - security update
DLA-2216-1ruby-rack - security update
DLA-1585-1ruby-rack - security update
DSA-3322-1ruby-rack - security update

Search for package or bug name: Reporting problems