Lucene search
WolfiWOLFI:CVE-2024-25126HistoryJul 01, 2024 - 9:08 a.m.
CVE-2024-25126 vulnerabilities
2024-07-0109:08:36
packages.wolfi.dev
11
cve-2024-25126
vulnerabilities
logstash
kube-fluentd-operator
ruby3.2-rack
ruby3.2-rack-2.2
unix
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.4%
Vulnerabilities for packages: ruby3.2-rack, kube-fluentd-operator, logstash
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Wolfi | unknown | x86_64 | kube-fluentd-operator | <= 1.18.2-r3 | kube-fluentd-operator-1.18.2-r3.apk |
| Wolfi | unknown | aarch64 | kube-fluentd-operator | <= 1.18.2-r3 | kube-fluentd-operator-1.18.2-r3.apk |
| Wolfi | unknown | x86_64 | logstash | <= 8.12.2-r2 | logstash-8.12.2-r2.apk |
| Wolfi | unknown | aarch64 | logstash | <= 8.12.2-r2 | logstash-8.12.2-r2.apk |
| Wolfi | unknown | x86_64 | ruby3.2-rack | <= 2.2.8.1-r0 | ruby3.2-rack-2.2.8.1-r0.apk |
| Wolfi | unknown | aarch64 | ruby3.2-rack | <= 2.2.8.1-r0 | ruby3.2-rack-2.2.8.1-r0.apk |
| Wolfi | unknown | x86_64 | ruby3.2-rack | <= 3.0.9.1-r0 | ruby3.2-rack-3.0.9.1-r0.apk |
| Wolfi | unknown | aarch64 | ruby3.2-rack | <= 3.0.9.1-r0 | ruby3.2-rack-3.0.9.1-r0.apk |
Related
redhatcve
redhatcve
CVE-2024-25126
2024-02-23 03:01:38
cvelist
cvelist
CVE-2024-25126 Rack ReDos in content type parsing (2nd degree polynomial)
2024-02-28 23:28:07
cve
cve
CVE-2024-25126
2024-02-29 00:15:51
debiancve
debiancve
CVE-2024-25126
2024-02-29 00:15:51
cgr
cgr
CVE-2024-25126 vulnerabilities
2024-05-19 03:07:16
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2024-02-28 08:16:50
github
github
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)
2024-02-28 22:57:26
osv
osv
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)
2024-02-28 22:57:26
CVE-2024-25126
2024-02-29 00:15:51
ruby-rack - security update
2024-04-29 00:00:00
ubuntucve
ubuntucve
CVE-2024-25126
2024-02-29 00:00:00
nvd
nvd
CVE-2024-25126
2024-02-29 00:15:51
prion
prion
Design/Logic Flaw
2024-02-29 00:15:00
hackerone
hackerone
rubygems
rubygems
Denial of Service Vulnerability in Rack Content-Type Parsing
2024-02-20 21:00:00
nessus
nessus
Debian dla-3800 : ruby-rack - security update
2024-04-29 00:00:00
Oracle Linux 9 : pcs (ELSA-2024-2113)
2024-05-06 00:00:00
RHEL 8 : pcs (RHSA-2024:2953)
2024-05-23 00:00:00
redhat
redhat
(RHSA-2024:2007) Moderate: pcs security update
2024-04-23 16:20:34
(RHSA-2024:2584) Moderate: pcs security update
2024-04-30 14:02:50
(RHSA-2024:3431) Moderate: pcs security update
2024-05-28 13:22:23
redos
redos
ROS-20240508-01
2024-05-08 00:00:00
amazon
amazon
Medium: pcs
2024-03-13 20:26:00
debian
debian
[SECURITY] [DLA 3800-1] ruby-rack security update
2024-04-29 09:44:25
[SECURITY] [DSA 5698-1] ruby-rack security update
2024-05-24 16:43:43
almalinux
almalinux
Moderate: pcs security update
2024-04-30 00:00:00
Moderate: pcs security update
2024-05-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0123)
2024-04-15 00:00:00
Debian: Security Advisory (DLA-3800-1)
2024-04-30 00:00:00
Debian: Security Advisory (DSA-5698-1)
2024-05-27 00:00:00
mageia
mageia
Updated ruby-rack packages fix security vulnerabilities
2024-04-12 23:45:19
oraclelinux
oraclelinux
pcs security update
2024-05-23 00:00:00
pcs security update
2024-05-02 00:00:00
rocky
rocky
pcs security update
2024-06-14 13:59:33
ubuntu
ubuntu
Rack vulnerabilities
2024-06-17 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.4%
Related for WOLFI:CVE-2024-25126