CVE-2024-26146 - Slow HTTP DoS in Ruby’s Rack via Malicious Accept and Forwarded Headers
The world of web security is always evolving, and recently a critical vulnerability surfaced in the popular Ruby library, Rack. If your Ruby apps use
CVE-2024-25126 - How a Simple Header Can Take Down Your Ruby App (Rack Request Smuggling Explained)
In February 2024, a new security vulnerability hit the Ruby web world: CVE-2024-25126, affecting the widely used Rack library. Rack is a core piece behind
CVE-2024-26141 - Dangerous Ruby Rack File Range Headers Can Crash Your Web Server
If you’re running a Ruby web application (especially with Rails), this vulnerability should catch your attention. Discovered in February 2024, CVE-2024-26141 exposes a nasty
CVE-2023-27530 - Denial of Service in Ruby Rack via Multipart MIME Parsing (With Exploit Example)
In March 2023, a serious vulnerability was disclosed in the popular Ruby web server interface library, Rack. Tracked as CVE-2023-27530, this security flaw can allow
CVE-2022-44570 - Denial of Service Vulnerability in Rack’s Range Header Parsing – What You Need to Know
A new security issue tracked as CVE-2022-44570 brings significant attention to applications built with Ruby’s popular webserver interface, Rack. This vulnerability affects Rack versions