Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack project rack 1.5.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-0262
rack/file.rb (Rack::File) in Rack 1.5.x prior to 1.5.2 and 1.4.x prior to 1.4.5 allows malicious users to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploit...
Rack Project Rack 1.4.4
Rack Project Rack 1.4.2
Rack Project Rack 1.4.3
Rack Project Rack 1.4.0
Rack Project Rack 1.5.1
Rack Project Rack 1.4.1
Rack Project Rack 1.5.0
3 Github repositories
5.1
CVSSv2
CVE-2013-0263
Rack::Session::Cookie in Rack 1.5.x prior to 1.5.2, 1.4.x prior to 1.4.5, 1.3.x prior to 1.3.10, 1.2.x prior to 1.2.8, and 1.1.x prior to 1.1.6 allows remote malicious users to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an ...
Rack Project Rack 1.5.1
Rack Project Rack 1.5.0
Rack Project Rack 1.4.4
Rack Project Rack 1.4.2
Rack Project Rack 1.4.3
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.8
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.9
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.2.6
Rack Project Rack 1.2.3
Rack Project Rack 1.2.0
Rack Project Rack 1.2.7
Rack Project Rack 1.2.1
4 Github repositories
NA
CVE-2022-44570
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applicati...
Rack Project Rack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started