Описание
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 2.2.4-2 |
| esm-apps/bionic | released | 1.6.4-4ubuntu0.2+esm2 |
| esm-apps/focal | released | 2.0.7-2ubuntu0.1+esm2 |
| esm-apps/jammy | released | 2.1.4-5ubuntu1+esm2 |
| esm-apps/xenial | released | 1.6.4-3ubuntu0.2+esm2 |
| esm-infra-legacy/trusty | not-affected | 1.5.2-3+deb8u3ubuntu1~esm4 |
| focal | ignored | end of standard support, was needed |
| impish | ignored | end of life |
| jammy | released | 2.1.4-5ubuntu1.1 |
Показывать по
Ссылки на источники
10 Critical
CVSS3
Связанные уязвимости
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 a ...
Possible shell escape sequence injection vulnerability in Rack
Уязвимость модульного интерфейса между веб-серверами и веб-приложениями Rack, связанная с неправильной нейтрализацией специальных элементов используемых в команде ОС, позволяющая нарушителю выполнять произвольные команды оболочки в целевой системе
10 Critical
CVSS3