Updated advisory posts against rubysec/ruby-advisory-db@f50d023

Author: postmodern

advisories/_posts/2024-02-21-CVE-2024-25126.md

@@ -0,0 +1,65 @@
+---
+layout: advisory
+title: 'CVE-2024-25126 (rack): Denial of Service Vulnerability in Rack Content-Type
+  Parsing'
+comments: false
+categories:
+- rack
+advisory:
+  gem: rack
+  cve: 2024-25126
+  url: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
+  title: Denial of Service Vulnerability in Rack Content-Type Parsing
+  date: 2024-02-21
+  description: |
+    There is a possible denial of service vulnerability in the content type
+    parsing component of Rack. This vulnerability has been assigned the CVE
+    identifier CVE-2024-25126.
+
+    Versions Affected: >= 0.4 Not affected: < 0.4 Fixed Versions: 3.0.9.1, 2.2.8.1
+
+    # Impact
+
+    Carefully crafted content type headers can cause Rack’s media type parser to
+    take much longer than expected, leading to a possible denial of service
+    vulnerability.
+
+    Impacted code will use Rack’s media type parser to parse content type headers.
+    This code will look like below:
+
+    ```
+    request.media_type
+
+    ## OR
+    request.media_type_params
+
+    ## OR
+    Rack::MediaType.type(content_type)
+    ```
+
+    Some frameworks (including Rails) call this code internally, so upgrading is
+    recommended!
+
+    All users running an affected release should either upgrade or use one of the
+    workarounds immediately.
+
+    # Releases
+
+    The fixed releases are available at the normal locations.
+
+    # Workarounds
+
+    There are no feasible workarounds for this issue.
+  unaffected_versions:
+  - "< 0.4"
+  patched_versions:
+  - "~> 2.2.8, >= 2.2.8.1"
+  - ">= 3.0.9.1"
+  related:
+    url:
+    - https://github.com/rack/rack/releases/tag/v3.0.9.1
+    - https://github.com/rack/rack/releases/tag/v2.2.8.1
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-25126
+    - https://access.redhat.com/security/cve/cve-2024-25126
+    - https://ubuntu.com/security/CVE-2024-25126
+---

advisories/_posts/2024-02-21-CVE-2024-26141.md

@@ -0,0 +1,47 @@
+---
+layout: advisory
+title: 'CVE-2024-26141 (rack): Possible DoS Vulnerability with Range Header in Rack'
+comments: false
+categories:
+- rack
+advisory:
+  gem: rack
+  cve: 2024-26141
+  url: https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
+  title: Possible DoS Vulnerability with Range Header in Rack
+  date: 2024-02-21
+  description: |
+    There is a possible DoS vulnerability relating to the Range request header in
+    Rack. This vulnerability has been assigned the CVE identifier CVE-2024-26141.
+
+    Versions Affected: >= 1.3.0. Not affected: < 1.3.0 Fixed Versions: 3.0.9.1, 2.2.8.1
+
+    # Impact
+
+    Carefully crafted Range headers can cause a server to respond with an
+    unexpectedly large response. Responding with such large responses could lead
+    to a denial of service issue.
+
+    Vulnerable applications will use the `Rack::File` middleware or the
+    `Rack::Utils.byte_ranges` methods (this includes Rails applications).
+
+    # Releases
+
+    The fixed releases are available at the normal locations.
+
+    # Workarounds
+
+    There are no feasible workarounds for this issue.
+  unaffected_versions:
+  - "< 1.3.0"
+  patched_versions:
+  - "~> 2.2.8, >= 2.2.8.1"
+  - ">= 3.0.9.1"
+  related:
+    url:
+    - https://github.com/rack/rack/releases/tag/v3.0.9.1
+    - https://github.com/rack/rack/releases/tag/v2.2.8.1
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-25141
+    - https://access.redhat.com/security/cve/cve-2024-26141
+    - https://ubuntu.com/security/CVE-2024-26141
+---

advisories/_posts/2024-02-21-CVE-2024-26146.md

@@ -0,0 +1,49 @@
+---
+layout: advisory
+title: 'CVE-2024-26146 (rack): Possible Denial of Service Vulnerability in Rack Header
+  Parsing'
+comments: false
+categories:
+- rack
+advisory:
+  gem: rack
+  cve: 2024-26146
+  url: https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
+  title: Possible Denial of Service Vulnerability in Rack Header Parsing
+  date: 2024-02-21
+  description: |
+    There is a possible denial of service vulnerability in the header parsing
+    routines in Rack. This vulnerability has been assigned the CVE identifier
+    CVE-2024-26146.
+
+    Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.4, 2.1.4.4, 2.2.8.1, 3.0.9.1
+
+    # Impact
+
+    Carefully crafted headers can cause header parsing in Rack to take longer than
+    expected resulting in a possible denial of service issue. `Accept` and
+    `Forwarded` headers are impacted.
+
+    Ruby 3.2 has mitigations for this problem, so Rack applications using
+    Ruby 3.2 or newer are unaffected.
+
+    # Releases
+
+    The fixed releases are available at the normal locations.
+
+    # Workarounds
+
+    There are no feasible workarounds for this issue.
+  patched_versions:
+  - "~> 2.0.9, >= 2.0.9.4"
+  - "~> 2.1.4, >= 2.1.4.4"
+  - "~> 2.2.8, >= 2.2.8.1"
+  - ">= 3.0.9.1"
+  related:
+    url:
+    - https://github.com/rack/rack/releases/tag/v3.0.9.1
+    - https://github.com/rack/rack/releases/tag/v2.2.8.1
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-26146
+    - https://access.redhat.com/security/cve/cve-2024-26146
+    - https://ubuntu.com/security/CVE-2024-26146
+---