CVE-2015-3225 – rubygem-rack: Potential Denial of Service Vulnerability in Rack normalize_params()
https://notcve.org/view.php?id=CVE-2015-3225
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth. A flaw was found in the way Rack processed parameters of incoming requests. An attacker could use this flaw to send a crafted request that would cause an application using Rack to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html http://openwall.com/lists/oss-security/2015/06/16/14 http://rhn.redhat.com/errata/RHSA-2015-2290.html http://www.debian.org/security • CWE-19: Data Processing Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2013-0262 – rubygem-rack: Path sanitization information disclosure
https://notcve.org/view.php?id=CVE-2013-0262
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals." • http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html http://rack.github.com http://secunia.com/advisories/52033 https://bugzilla.redhat.com/show_bug.cgi?id=909071 https://bugzilla.redhat.com/show_bug.cgi?id=909072 https://gist.github.com/rentzsch/4736940 https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56 https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30 https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ https • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2013-0263 – rubygem-rack: Timing attack in cookie sessions
https://notcve.org/view.php?id=CVE-2013-0263
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html http://rack.github.com http://rhn.redhat.com/errata/RHSA-2013-0686.html http://secunia.com/advisories/52033 http://secunia.com/advisories/52134 http://secunia.com/advisories/52774 http://www.debian.org/security/2013/dsa-2783 http://www.osvdb.org/89939 https://bugzilla.redhat.com/show_bug.cgi?id=909071 https://gist.github.com/codahale/f9f3781f7b54985bee94 https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481 •