Количество 9
Количество 9
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middle ...
SUSE-SU-2025:1492-1
Security update for rubygem-rack-1_6
ROS-20250403-16
Уязвимость rubygem-rack
GHSA-8cgq-6mh2-7j6v
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
BDU:2025-04293
Уязвимость интерфейса модуля Rack интерпретатора языка программирования Ruby, позволяющая нарушителю оказать влияние на целостность защищаемой информации
SUSE-SU-2025:0874-1
Security update for rubygem-rack
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | 0% Низкий | 6 месяцев назад | |
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | 0% Низкий | 6 месяцев назад | |
| CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middle ... | 0% Низкий | 6 месяцев назад | |
 | SUSE-SU-2025:1492-1 Security update for rubygem-rack-1_6 | 0% Низкий | 4 месяца назад | |
 | ROS-20250403-16 Уязвимость rubygem-rack | CVSS3: 5.3 | 0% Низкий | 5 месяцев назад |
| GHSA-8cgq-6mh2-7j6v Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection | 0% Низкий | 6 месяцев назад | |
 | BDU:2025-04293 Уязвимость интерфейса модуля Rack интерпретатора языка программирования Ruby, позволяющая нарушителю оказать влияние на целостность защищаемой информации | CVSS3: 5.3 | 0% Низкий | 5 месяцев назад |
| SUSE-SU-2025:0874-1 Security update for rubygem-rack | 6 месяцев назад |
Уязвимостей на страницу