Known Vulnerabilities for Rack by Rack Project
Listed below are 10 of the newest known vulnerabilities associated with "Rack" by "Rack Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34829 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps ... | Not Provided | 2026-04-02 | 2026-06-30 |
| CVE-2026-34827 json | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Mul... | Not Provided | 2026-04-02 | 2026-06-30 |
| CVE-2026-34785 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a r... | Not Provided | 2026-04-02 | 2026-06-30 |
| CVE-2026-22860 json | Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory`’s path check us... | Not Provided | 2026-02-18 | 2026-06-30 |
| CVE-2026-7381 json | Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware:... | Not Provided | 2026-04-29 | 2026-04-30 |
| CVE-2024-47684 json | In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We hav... | Not Provided | 2024-10-21 | 2026-05-12 |
| CVE-2023-27530 json | A DoS vulnerability exists in Rack | 7.5 - HIGH
|
2023-03-10
|
2023-12-08
|
|
| CVE-2022-44572 json | A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 c... | 7.5 - HIGH | 2023-02-09 | 2023-12-08 |
| CVE-2022-44571 json | There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2... | 7.5 - HIGH | 2023-02-09 | 2023-12-08 |
| CVE-2022-44570 json | A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause... | 7.5 - HIGH | 2023-02-09 | 2023-12-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rack Project | Rack | 2.2.3 | |||
| Application | Rack Project | Rack | 2.2.2 | |||
| Application | Rack Project | Rack | 2.2.1 | |||
| Application | Rack Project | Rack | 2.2.0 | |||
| Application | Rack Project | Rack | 2.1.4 | |||
| Application | Rack Project | Rack | 2.1.3 | |||
| Application | Rack Project | Rack | 2.1.2 | |||
| Application | Rack Project | Rack | 2.1.1 | |||
| Application | Rack Project | Rack | 2.1.0 | |||
| Application | Rack Project | Rack | 2.0.9 | |||
| Application | Rack Project | Rack | 2.0.8 | |||
| Application | Rack Project | Rack | 2.0.8 | |||
| Application | Rack Project | Rack | 2.0.7 | |||
| Application | Rack Project | Rack | 2.0.6 | |||
| Application | Rack Project | Rack | 2.0.5 | |||
| Application | Rack Project | Rack | 2.0.4 | |||
| Application | Rack Project | Rack | 2.0.3 | |||
| Application | Rack Project | Rack | 2.0.2 | |||
| Application | Rack Project | Rack | 2.0.1 | |||
| Application | Rack Project | Rack | 2.0.0 |