rubygem-rack (SUSE:Linux Enterprise High Availability Extension 15 SP7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Availability Extension 15 SP7 package rubygem-rack, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2025-46727 — CVSS 7.5 (high): Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings and…
CVE-2025-61919 — CVSS 7.5 (high): Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, `Rack::Request#POST` reads the entire request…
CVE-2025-61780 — CVSS 5.8 (medium): Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability…
CVE-2025-32441 — CVSS 4.2 (medium): Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous rack…