VulnerableCode Package Details - pkg:deb/debian/ruby-sinatra@4.2.1-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/ruby-sinatra@4.2.1-3

Essentials
History (3)

purl	pkg:deb/debian/ruby-sinatra@4.2.1-3

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-tax5-a72w-mbhy	Sinatra is vulnerable to ReDoS through ETag header value generation There is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` method is used when constructing the response and you are using Ruby < 3.2.	CVE-2025-61921 GHSA-mr3q-g2mv-mr4q

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:54:01.449868+00:00	Debian Importer	Fixing	VCID-tax5-a72w-mbhy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:51:26.081687+00:00	Debian Importer	Fixing	VCID-tax5-a72w-mbhy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T19:53:37.632221+00:00	Debian Importer	Fixing	VCID-tax5-a72w-mbhy	https://security-tracker.debian.org/tracker/data/json	38.1.0