Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."
| Score | Percentile |
|---|---|
| 0.68% | 71.50% |
No CVSS scores in this advisory.
| Type | Value |
|---|---|
| GHSA | GHSA-v882-ccj6-jc48 ↗ |
| CVE | CVE-2013-0184 ↗ |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| rubygems | rack | >= 1.1.0, < 1.1.5 | 1.1.5 | — |
| rubygems | rack | >= 1.2.0, < 1.2.7 | 1.2.7 | — |
| rubygems | rack | >= 1.3.0, < 1.3.9 | 1.3.9 | — |
| rubygems | rack | >= 1.4.0, < 1.4.4 | 1.4.4 | — |