Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26141

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 29 Ρ„Π΅Π². 2024
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS3: 5.8

ОписаниС

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the Rack::Utils.byte_ranges methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support
devel

not-affected

2.2.7-1.1
esm-apps/bionic

released

1.6.4-4ubuntu0.2+esm6
esm-apps/focal

released

2.0.7-2ubuntu0.1+esm5
esm-apps/jammy

released

2.1.4-5ubuntu1+esm5
esm-apps/xenial

released

1.6.4-3ubuntu0.2+esm6
esm-infra-legacy/trusty

released

1.5.2-3+deb8u3ubuntu1~esm8
focal

ignored

end of standard support, was needed
jammy

released

2.1.4-5ubuntu1.1
mantic

released

2.2.4-3ubuntu0.1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 52%
0.00294
Низкий

5.8 Medium

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26141

CVSS3: 5.3
redhat
большС 1 года назад

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26141

CVSS3: 5.8
nvd
большС 1 года назад

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26141

CVSS3: 5.8
debian
большС 1 года назад

Rack is a modular Ruby web server interface. Carefully crafted Range h ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-xj5v-6v4g-jfw6

github
большС 1 года назад

Rack has possible DoS Vulnerability with Range Header

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2024-01714

CVSS3: 5.8
fstec
большС 1 года назад

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ интСрфСйса модуля Rack ΠΈΠ½Ρ‚Π΅Ρ€ΠΏΡ€Π΅Ρ‚Π°Ρ‚ΠΎΡ€Π° языка программирования Ruby, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 52%
0.00294
Низкий

5.8 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2024-26141