Vulnerabilities > Rack Project > Rack > 2.1.4

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-30122 A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
network
low complexity
rack-project debian
7.5
7.5
2022-12-05 CVE-2022-30123 A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
network
low complexity
rack-project debian
critical
 10.0
10
2020-07-02 CVE-2020-8161 Path Traversal vulnerability in multiple products
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
network
low complexity
rack-project debian canonical CWE-22
8.6
8.6