Debian Bug report logs - #1033264
ruby-rack: CVE-2023-27539
Package: src:ruby-rack;
Maintainer for src:ruby-rack is Debian Ruby Team <pkg-ruby-extras-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Mar 2023 20:18:01 UTC
Severity: important
Tags: security, upst ...
Several vulnerabilities were discovered in ruby-rack, a modular Ruby
webserver interface, which may result in denial of service and shell
escape sequence injection.
For the oldstable distribution (bullseye), these problems have been fixed
in version 214-3+deb11u1.
We recommend that you upgrade your ruby-rack packages.
For the detailed security st ...
Synopsis
Moderate: Logging Subsystem 565 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 565 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Moderate: pcs security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for pcs is now available for Red Hat Enterprise Linux 86 Extended Update Support. Red Hat Product Security has ra ...
Synopsis
Moderate: pcs security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having ...
Synopsis
Moderate: pcs security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for pcs is now available for Red Hat Enterprise Linux 90 Extended Update Support. Red Hat Product Security has ra ...
Synopsis
Important: pcs security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as hav ...
Synopsis
Moderate: pcs security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for pcs is now available for Red Hat Enterprise Linux 84 Extended Update Support. Red Hat Product Security has ra ...
Synopsis
Moderate: Logging Subsystem 572 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 572 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
The Ruby on Rails advisory describes this vulnerability as follows:
Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack (virtually all Rails applications) are impacted (CVE-2023-27539) ...
Description
This CVE is under investigation by Red Hat Product Security ...