Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ruby-rack@0?distro=trixie
Typedeb
Namespacedebian
Nameruby-rack
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.4.0-1
Latest_non_vulnerable_version3.2.6-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6jed-427q-gbev
vulnerability_id VCID-6jed-427q-gbev
summary 
Rack vulnerable to Denial of Service
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3172
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3172
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16470.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16470.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16470
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.38972
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16470
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2018-16470.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2018-16470.yml
6
reference_url https://groups.google.com/forum/#!msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ
7
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16470
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16470
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1646814
reference_id 1646814
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1646814
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913003
reference_id 913003
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913003
11
reference_url https://github.com/advisories/GHSA-hg78-4f6x-99wq
reference_id GHSA-hg78-4f6x-99wq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hg78-4f6x-99wq
fixed_packages
0
url pkg:deb/debian/ruby-rack@0?distro=trixie
purl pkg:deb/debian/ruby-rack@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@0%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2018-16470, GHSA-hg78-4f6x-99wq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jed-427q-gbev
1
url VCID-dkjq-6mtr-yfgb
vulnerability_id VCID-dkjq-6mtr-yfgb
summary 
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing
### Summary

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the `Rack::Request::Helpers` module when parsing HTTP Accept headers. This vulnerability can be exploited by an attacker sending specially crafted `Accept-Encoding` or `Accept-Language` headers, causing the server to spend excessive time processing the request and leading to a Denial of Service (DoS).

### Details

The fix for https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f was not applied to the main branch and thus while the issue was fixed for the Rack v3.0 release series, it was not fixed in the v3.1 release series until v3.1.5.
references
0
reference_url https://advisory.dw1.io/61
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://advisory.dw1.io/61
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39316
reference_id
reference_type
scores
0
value 0.00833
scoring_system epss
scoring_elements 0.749
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39316
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
4
reference_url https://github.com/rack/rack/commit/412c980450ca729ee37f90a2661f166a9665e058
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T13:50:23Z/
url https://github.com/rack/rack/commit/412c980450ca729ee37f90a2661f166a9665e058
5
reference_url https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T13:50:23Z/
url https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f
6
reference_url https://github.com/rack/rack/security/advisories/GHSA-cj83-2ww7-mvq7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T13:50:23Z/
url https://github.com/rack/rack/security/advisories/GHSA-cj83-2ww7-mvq7
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-39316.yml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-39316.yml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39316
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39316
9
reference_url https://github.com/advisories/GHSA-cj83-2ww7-mvq7
reference_id GHSA-cj83-2ww7-mvq7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj83-2ww7-mvq7
fixed_packages
0
url pkg:deb/debian/ruby-rack@0?distro=trixie
purl pkg:deb/debian/ruby-rack@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@0%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2024-39316, GHSA-cj83-2ww7-mvq7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkjq-6mtr-yfgb
2
url VCID-v2nc-35z6-2kf6
vulnerability_id VCID-v2nc-35z6-2kf6
summary rack: rubygem-rack: Rack Content-Disposition Denial of Service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49007.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49007
reference_id
reference_type
scores
0
value 0.00569
scoring_system epss
scoring_elements 0.68866
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49007
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
4
reference_url https://github.com/rack/rack/commit/4795831a0a310c2d31102749e551b38faab6401f
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:37Z/
url https://github.com/rack/rack/commit/4795831a0a310c2d31102749e551b38faab6401f
5
reference_url https://github.com/rack/rack/commit/aed514df37e33907df3c971ed3ca9a0a20ac2901
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:37Z/
url https://github.com/rack/rack/commit/aed514df37e33907df3c971ed3ca9a0a20ac2901
6
reference_url https://github.com/rack/rack/security/advisories/GHSA-47m2-26rw-j2jw
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:37Z/
url https://github.com/rack/rack/security/advisories/GHSA-47m2-26rw-j2jw
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-49007.yml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-49007.yml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49007
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49007
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107363
reference_id 1107363
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107363
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370346
reference_id 2370346
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370346
11
reference_url https://github.com/advisories/GHSA-47m2-26rw-j2jw
reference_id GHSA-47m2-26rw-j2jw
reference_type
scores
url https://github.com/advisories/GHSA-47m2-26rw-j2jw
fixed_packages
0
url pkg:deb/debian/ruby-rack@0?distro=trixie
purl pkg:deb/debian/ruby-rack@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@0%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@3.1.16-0.1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.16-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.16-0.1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-49007, GHSA-47m2-26rw-j2jw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2nc-35z6-2kf6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@0%3Fdistro=trixie