Known Vulnerabilities for Rack by Rack Project
Listed below are 10 of the newest known vulnerabilities associated with "Rack" by "Rack Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39324 json | Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly ... | Not Provided | 2026-04-07 | 2026-04-08 |
| CVE-2026-34835 json | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Req... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34831 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-L... | Not Provided | 2026-04-02 | 2026-04-03 |
| CVE-2026-34830 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfile#map_accel_path inter... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34829 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps ... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34827 json | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Mul... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34826 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.get_byte_ranges parses ... | Not Provided | 2026-04-02 | 2026-04-03 |
| CVE-2026-34786 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evalu... | Not Provided | 2026-04-02 | 2026-04-03 |
| CVE-2026-34785 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a r... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-34763 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the co... | Not Provided | 2026-04-02 | 2026-04-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rack Project | Rack | 2.2.3 | |||
| Application | Rack Project | Rack | 2.2.2 | |||
| Application | Rack Project | Rack | 2.2.1 | |||
| Application | Rack Project | Rack | 2.2.0 | |||
| Application | Rack Project | Rack | 2.1.4 | |||
| Application | Rack Project | Rack | 2.1.3 | |||
| Application | Rack Project | Rack | 2.1.2 | |||
| Application | Rack Project | Rack | 2.1.1 | |||
| Application | Rack Project | Rack | 2.1.0 | |||
| Application | Rack Project | Rack | 2.0.9 | |||
| Application | Rack Project | Rack | 2.0.8 | |||
| Application | Rack Project | Rack | 2.0.8 | |||
| Application | Rack Project | Rack | 2.0.7 | |||
| Application | Rack Project | Rack | 2.0.6 | |||
| Application | Rack Project | Rack | 2.0.5 | |||
| Application | Rack Project | Rack | 2.0.4 | |||
| Application | Rack Project | Rack | 2.0.3 | |||
| Application | Rack Project | Rack | 2.0.2 | |||
| Application | Rack Project | Rack | 2.0.1 | |||
| Application | Rack Project | Rack | 2.0.0 |