Количество 9
Количество 9
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11.
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middle ...
SUSE-SU-2025:1492-1
Security update for rubygem-rack-1_6
ROS-20250403-16
Уязвимость rubygem-rack
GHSA-8cgq-6mh2-7j6v
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
BDU:2025-04293
Уязвимость интерфейса модуля Rack интерпретатора языка программирования Ruby, позволяющая нарушителю оказать влияние на целостность защищаемой информации
SUSE-SU-2025:0874-1
Security update for rubygem-rack
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | 0% Низкий | 4 месяца назад | |
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
 | CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. | 0% Низкий | 4 месяца назад | |
| CVE-2025-27111 Rack is a modular Ruby web server interface. The Rack::Sendfile middle ... | 0% Низкий | 4 месяца назад | |
 | SUSE-SU-2025:1492-1 Security update for rubygem-rack-1_6 | 0% Низкий | около 1 месяца назад | |
 | ROS-20250403-16 Уязвимость rubygem-rack | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| GHSA-8cgq-6mh2-7j6v Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection | 0% Низкий | 4 месяца назад | |
 | BDU:2025-04293 Уязвимость интерфейса модуля Rack интерпретатора языка программирования Ruby, позволяющая нарушителю оказать влияние на целостность защищаемой информации | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| SUSE-SU-2025:0874-1 Security update for rubygem-rack | 3 месяца назад |
Уязвимостей на страницу