Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack project rack 1.5.0 vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2013-0262
rack/file.rb (Rack::File) in Rack 1.5.x prior to 1.5.2 and 1.4.x prior to 1.4.5 allows malicious users to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploit...
Rack Project Rack 1.4.4
Rack Project Rack 1.4.2
Rack Project Rack 1.4.3
Rack Project Rack 1.4.0
Rack Project Rack 1.5.1
Rack Project Rack 1.4.1
Rack Project Rack 1.5.0
3 Github repositories
455
VMScore
CVE-2013-0263
Rack::Session::Cookie in Rack 1.5.x prior to 1.5.2, 1.4.x prior to 1.4.5, 1.3.x prior to 1.3.10, 1.2.x prior to 1.2.8, and 1.1.x prior to 1.1.6 allows remote malicious users to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an ...
Rack Project Rack 1.5.1
Rack Project Rack 1.5.0
Rack Project Rack 1.4.4
Rack Project Rack 1.4.2
Rack Project Rack 1.4.3
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.8
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.9
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.2.6
Rack Project Rack 1.2.3
Rack Project Rack 1.2.0
Rack Project Rack 1.2.7
Rack Project Rack 1.2.1
4 Github repositories
NA
CVE-2022-44570
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applicati...
Rack Project Rack
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started