| CVE-2026-34829 |
high |
— |
8.0 |
|
|
|
2mo ago |
Rack's multipart parsing without Content-Length header allows unbounded chunked file uploads |
| CVE-2026-34827 |
high |
— |
8.0 |
|
|
|
2mo ago |
Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters |
| CVE-2026-34785 |
high |
— |
8.0 |
|
|
|
2mo ago |
Rack::Static prefix matching can expose unintended files under the static root |
| CVE-2026-34230 |
high |
— |
8.0 |
|
|
|
2mo ago |
Rack has quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding header |
| CVE-2025-61919 |
high |
— |
8.0 |
|
|
|
8mo ago |
RHSA-2025:19719: pcs security update (Important) |
| CVE-2025-61771 |
high |
— |
8.0 |
|
|
|
8mo ago |
RHSA-2025:19719: pcs security update (Important) |
| CVE-2025-61770 |
high |
— |
8.0 |
|
|
|
8mo ago |
RHSA-2025:19719: pcs security update (Important) |
| CVE-2025-61772 |
high |
— |
8.0 |
|
|
|
8mo ago |
RHSA-2025:19719: pcs security update (Important) |
| CVE-2025-59830 |
high |
— |
8.0 |
|
|
|
8mo ago |
RHSA-2025:19719: pcs security update (Important) |
| CVE-2025-46727 |
high |
— |
8.0 |
|
|
|
1y ago |
RHSA-2025:8254: pcs security update (Important) |
| CVE-2022-44570 |
high |
— |
8.0 |
|
|
|
3y ago |
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount o… |
| CVE-2022-44572 |
high |
— |
8.0 |
|
|
|
3y ago |
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boun… |
| CVE-2022-44571 |
high |
— |
8.0 |
|
|
|
3y ago |
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cau… |
