CVE-2022-44572
- EPSS 0.26%
- Veröffentlicht 09.02.2023 20:15:11
- Zuletzt bearbeitet 13.02.2025 15:37:40
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount o...
CVE-2022-44571
- EPSS 3.29%
- Veröffentlicht 09.02.2023 20:15:11
- Zuletzt bearbeitet 13.02.2025 15:37:40
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto tak...
CVE-2022-44570
- EPSS 3.29%
- Veröffentlicht 09.02.2023 20:15:11
- Zuletzt bearbeitet 13.02.2025 15:37:40
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service a...
CVE-2019-16782
- EPSS 0.69%
- Veröffentlicht 18.12.2019 20:15:16
- Zuletzt bearbeitet 13.02.2025 15:37:40
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id....