ruby-rack (Ubuntu:23.10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Ubuntu:23.10 package ruby-rack, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2024-26141 — CVSS 5.8 (medium): Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large…
CVE-2024-26146 — CVSS 5.3 (medium): Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected…