VulnerableCode Package Details - pkg:gem/rack-cors@1.0.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/rack-cors@1.0.1

Essentials
History (3)

purl	pkg:gem/rack-cors@1.0.1

Next non-vulnerable version	2.0.2
Latest non-vulnerable version	2.0.2
Risk	4.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-1685-c26p-37bd Aliases: CVE-2019-18978 GHSA-pf8f-w267-mq2h	security update	1.0.4 Affected by 0 other vulnerabilities.
VCID-vufh-g11p-g7aw Aliases: CVE-2024-27456 GHSA-785g-282q-pwvx	rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files.	2.0.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:24:25.525520+00:00	Ruby Importer	Affected by	VCID-vufh-g11p-g7aw	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack-cors/CVE-2024-27456.yml	38.6.0
2026-06-12T19:21:29.132965+00:00	GitLab Importer	Affected by	VCID-vufh-g11p-g7aw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rack-cors/CVE-2024-27456.yml	38.6.0
2026-06-12T17:15:37.572047+00:00	GitLab Importer	Affected by	VCID-1685-c26p-37bd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rack-cors/CVE-2019-18978.yml	38.6.0