42 lines
1.5 KiB
Plaintext
Name: actionpack
Version: 7.1.3
CVE: CVE-2024-26142
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946
Title: Possible ReDoS vulnerability in Accept header parsing in Action Dispatch
Solution: upgrade to '>= 7.1.3.1'

Name: actionpack
Version: 7.1.3
CVE: CVE-2024-26143
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
Title: Possible XSS Vulnerability in Action Controller
Solution: upgrade to '~> 7.0.8, >= 7.0.8.1', '>= 7.1.3.1'

Name: rack
Version: 3.0.9
CVE: CVE-2024-25126
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
Title: Denial of Service Vulnerability in Rack Content-Type Parsing
Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'

Name: rack
Version: 3.0.9
CVE: CVE-2024-26141
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
Title: Possible DoS Vulnerability with Range Header in Rack
Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'

Name: rack
Version: 3.0.9
CVE: CVE-2024-26146
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
Title: Possible Denial of Service Vulnerability in Rack Header Parsing
Solution: upgrade to '~> 2.0.9, >= 2.0.9.4', '~> 2.1.4, >= 2.1.4.4', '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'

Vulnerabilities found!