rubygem-rack Info

rubygem-rack was added to epel8 repo on 2019-12-03
Page updated: 2025-10-28 07:31
Repo Status - Overall Status

Source NVR: rubygem-rack-2.2.4-1.el8 (2022-09-09)

Binary Packages

rubygem-rack	rubygem-rack-2.2.4-1.el8
rubygem-rack-doc	rubygem-rack-doc-2.2.4-1.el8

Bugs

2164715	NEW	CVE-2022-44571 rubygem-rack: denial of service in Content-Disposition parsing [epel-8]
2164720	NEW	CVE-2022-44570 rubygem-rack: denial of service in Content-Disposition parsing [epel-8]
2164723	NEW	CVE-2022-44572 rubygem-rack: denial of service in Content-Disposition parsing [epel-8]
2176479	NEW	CVE-2023-27530 rubygem-rack: Denial of service in Multipart MIME parsing [epel-all]
2179652	NEW	CVE-2023-27539 rubygem-rack: denial of service in header parsing [epel-all]
2265599	NEW	CVE-2024-25126 rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing [epel-all]
2265600	NEW	CVE-2024-26141 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack [epel-all]
2265601	NEW	CVE-2024-26146 rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing [epel-all]
2345709	NEW	CVE-2025-25184 rubygem-rack: Possible Log Injection in Rack::CommonLogger [epel-8]
2349975	NEW	CVE-2025-27111 rubygem-rack: Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection [epel-8]
2351275	NEW	CVE-2025-27610 rubygem-rack: Local File Inclusion in Rack::Static [epel-8]
2364996	NEW	CVE-2025-46727 rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser [epel-8]
2365049	NEW	CVE-2025-32441 rubygem-rack: Rack Session Reuse Vulnerability [epel-8]
2402985	NEW	CVE-2025-59830 rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters [epel-8]
2403522	NEW	CVE-2025-61919 rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion [epel-8]
2403527	NEW	CVE-2025-61780 rubygem-rack: Improper handling of headers in `Rack::Sendfile` may allow proxy bypass [epel-8]

Install Failures