Security Advisories · rack/rack · GitHub

8000 Security Advisories · rack/rack · GitHub

More Web Proxy on the site http://driver.im/

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Unbounded parameter parsing in `Rack::QueryParser` can lead to memory exhaustion
GHSA-gjh7-p2fx-99vx published May 7, 2025 by ioquatix

High
`Rack::Session::Pool` middleware may restore deleted sessions
GHSA-vpfw-47h7-xj4g published May 7, 2025 by ioquatix

Moderate
Local file inclusion in `Rack::Static`
GHSA-7wqh-767x-r66v published Mar 10, 2025 by ioquatix

High
Possible log Injection in `Rack::Sendfile`
GHSA-8cgq-6mh2-7j6v published Mar 4, 2025 by ioquatix

Moderate
Possible log Injection in `Rack::CommonLogger`
GHSA-7g2v-jj9q-g3rg published Feb 12, 2025 by ioquatix

Moderate
ReDoS Vulnerability in Rack::Multipart handle_mime_head
GHSA-47m2-26rw-j2jw published Jun 4, 2025 by tenderlove

Low
ReDoS Vulnerability in HTTP Accept Headers Parsing
GHSA-cj83-2ww7-mvq7 published Jul 2, 2024 by ioquatix

Moderate
Possible Denial of Service Vulnerability in Rack Header Parsing
GHSA-54rr-7fvw-6x8f published Feb 28, 2024 by tenderlove

Low
Possible DoS Vulnerability with Range Header in Rack
GHSA-xj5v-6v4g-jfw6 published Feb 28, 2024 by tenderlove

Low
ReDos in content type parsing (2nd degree polynomial)
GHSA-22f2-v57c-j9cx published Feb 28, 2024 by tenderlove

Low

0