FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2fdb053c-ca25-11ed-9d7e-080027f5fec9	rack -- possible denial of service vulnerability in header parsing ooooooo_q reports: Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack (virtually all Rails applications) are impacted. Discovery 2023-03-13 Entry 2023-03-24 rubygem-rack < 3.0.6.1,3 rubygem-rack22 < 2.2.6.6,3 rubygem-rack16 < 1.6.14 CVE-2023-27539 https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466

VuXML ID

Description

2fdb053c-ca25-11ed-9d7e-080027f5fec9

rack -- possible denial of service vulnerability in header parsing

ooooooo_q reports:

Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack (virtually all Rails applications) are impacted.

Discovery 2023-03-13
Entry 2023-03-24
rubygem-rack

< 3.0.6.1,3

rubygem-rack22

< 2.2.6.6,3

rubygem-rack16

< 1.6.14

CVE-2023-27539
https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466