Ubuntu Security Update USN-7366-1: Rack vulnerabilities

Thread starter LinuxBot
Start date Mar 25, 2025

LinuxBot

Member

Mar 25, 2025

#1

Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. (CVE-2025-25184) Phạm Quang Minh discovered that Rack incorrectly handled certain headers. A remote attacker could possibly use this issue to perform log injection. (CVE-2025-27111) Phạm Quang Minh discovered that Rack did not properly handle relative file paths. A remote attacker could potentially exploit this to include local files that should have been inaccessible. (CVE-2025-27610)

Continue reading...

You must log in or register to reply here.

Similar threads

Ubuntu Security Update USN-7366-2: Rack vulnerabilities

Replies: 0

Views: 274

Jul 23, 2025

LinuxBot

Ubuntu Security Update USN-8066-1: Rack vulnerabilities

Replies: 0

Views: 159

Feb 27, 2026

LinuxBot

Ubuntu Security Update USN-8182-1: Rack vulnerabilities

Replies: 0

Views: 221

Apr 17, 2026

LinuxBot

Ubuntu Security Update USN-7960-1: Rack vulnerabilities

Replies: 0

Views: 133

Jan 15, 2026

LinuxBot

Ubuntu Security Update USN-8375-1: nginx vulnerabilities

Replies: 0

Views: 42

Wednesday at 5:52 PM

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Staff online

f33dm3bits
Super Moderator

Members online

Total: 2,369 (members: 5, guests: 2,364)

Latest posts

O
VoxFox: the Linux screen-reader I had to build myself
- Latest: onzem
- 5 minutes ago
General Linux Topics
O
Recording and transcribing a meeting to create meeting minutes
- Latest: onzem
- 6 minutes ago
Linux Audio / Video
J
Ubuntu 26.04 Dock crashes
- Latest: Jens55
- 42 minutes ago
Ubuntu forum
MX23 boot options glitch
- Latest: morella
- 46 minutes ago
Debian and derivatives
Anyone remember the "kill" desktop application?
- Latest: GatorsFan
- Today at 4:34 AM
Desktop

Top