VulnerableCode Package Details - pkg:deb/debian/ruby-rack@1.6.4-6?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/ruby-rack@1.6.4-6?distro=trixie

purl	pkg:deb/debian/ruby-rack@1.6.4-6?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-9xy8-h3y1-mubv	Cross-site Scripting There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to HTTP or HTTPS and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not be impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.	CVE-2018-16471 GHSA-5r2p-j47h-mhpg

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:41:46.817483+00:00	Debian Importer	Fixing	VCID-9xy8-h3y1-mubv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-11T18:26:57.971027+00:00	Debian Importer	Fixing	VCID-9xy8-h3y1-mubv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:52:19.432205+00:00	Debian Importer	Fixing	VCID-9xy8-h3y1-mubv	https://security-tracker.debian.org/tracker/data/json	38.1.0