Red Hat Customer Portal

Skip to main content

CVE-2013-0184

Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."

Details Source

Mitre

Public Date

2012-05-04 00:00:00

Impact

Moderate

Bugzilla

CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS

Bugzilla ID

895 384

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat CloudForms Cloud Engine 1 (rubygem-rack) RHSA-2013:0548 2013-02-21
Red Hat CloudForms System Engine 1 (rubygem-rack) RHSA-2013:0548 2013-02-21
Red Hat Subscription Asset Manager 1.2 (rubygem-rack) RHSA-2013:0544 2013-02-21

CWE

CWE-400

Affected Packages State

Platform Package State
Red Hat OpenShift Enterprise 1 rubygem-rack Will not fix
Red Hat OpenShift Enterprise 1 rubygem193-rack Will not fix
Red Hat Enterprise MRG 2 rubygem-rack Affected
Red Hat CloudForms Tools 1 rubygem-rack Will not fix