Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2024:0946-1 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2024:0946-1

SUSE-SU-2024:0946-1

UNKNOWN

Security update for rubygem-rack-1_4

Published Mar 20, 2024

Modified 1 years ago

Fix available

Details

This update for rubygem-rack-1_4 fixes the following issues:

CVE-2024-25126: Fixed a Denial of Service Vulnerability in Rack Content-Type Parsing (bsc#1220239)
CVE-2024-26141: Fixed a Denial of Service Vulnerability in Range request header parsing (bsc#1220242)
CVE-2024-26146: Fixed a Denial of Service vulnerability in Rack headers parsing routine (bsc#1220248)

Affected Packages

ruby2.1-rubygem-rack-1_4

SUSE Linux Enterprise Module for Containers 12

Fixed in:

1.4.5-9.3.1

rubygem-rack-1_4

SUSE Linux Enterprise Module for Containers 12

Fixed in:

1.4.5-9.3.1

References

https://bugzilla.suse.com/1220239

https://bugzilla.suse.com/1220242

https://bugzilla.suse.com/1220248

https://www.suse.com/security/cve/CVE-2024-25126

https://www.suse.com/security/cve/CVE-2024-26141

https://www.suse.com/security/cve/CVE-2024-26146

https://www.suse.com/support/update/announcement/2024/suse-su-20240946-1/

Upstream

CVE-2024-25126 CVE-2024-26141 CVE-2024-26146

Related

CVE-2024-25126 CVE-2024-26141 CVE-2024-26146

Ecosystems

SUSE Linux Enterprise Module for Containers 12

Timeline

PublishedMar 20, 2024

ModifiedMar 20, 2024