Vulnerabilities > Rack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-29 | CVE-2024-25126 | Rack is a modular Ruby web server interface. | 7.5 |
2024-02-29 | CVE-2024-26141 | Rack is a modular Ruby web server interface. | 7.5 |
2024-02-29 | CVE-2024-26146 | Rack is a modular Ruby web server interface. | 7.5 |
2023-03-10 | CVE-2023-27530 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products. A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within the Multipart MIME parsing code, which could allow an attacker to craft requests that can be abused to cause multipart parsing to take longer than expected. | 7.5 |
2023-02-09 | CVE-2022-44570 | Unspecified vulnerability in Rack. A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. | 7.5 |
2023-02-09 | CVE-2022-44571 | Unspecified vulnerability in Rack. There is a denial of service vulnerability in the Content-Disposition parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. | 7.5 |
2023-02-09 | CVE-2022-44572 | Unspecified vulnerability in Rack. A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker to craft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. | 7.5 |