Do you have GDPR compliance issues ?

Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations

Rubygem-cgi_multipart_eof_fix

Jul 20, 2023

Fix an exploitable bug in CGI multipart parsing

Fixes an exploitable bug in CGI multipart parsing which affects Ruby <= 1.8.5. When multipart boundary attributes contain non-halting regular expression strings, the boundary searcher in the CGI module does not properly escape the parameter and will execute arbitrary regular expressions. This fix adds escaping for the user data.

* Affected application servers standalone CGI, Mongrel, WEBrick
* Unaffected FastCGI, Ruby 1.8.6 all servers
* Unknown mod_ruby

This fix will not modify versions of Ruby greater than 1.8.5, and is cumulative with previous CGI multipart vulnerability fixes.

Checkout these related ports:

Zope213 - Object-based web application platform Version 2.13
Zola - Fast static site generator
Zgrab2 - Fast Go application scanner
Zerowait-httpd - Lightweight and fast http server
Zenphoto - Simpler web photo gallery
Zend-framework - Framework for developing PHP web applications
Yuicompressor - The Yahoo! JavaScript and CSS Compressor
Ytdl - YouTube downloader written in Go
Yt-dlp - Command-line program for downloading videos from various platforms
Youtube_dl - Program for downloading videos from various services
Yourls - Your Own URL Shortener
You-get - Dumb downloader that scrapes the web
Yaws - Web server for dynamic content written in Erlang
Yarr - Yet another rss reader
Yarn - Package manager for node, alternative to npm (meta port)

RECENT POSTS

Do you have GDPR compliance issues ?

Rubygem-cgi_multipart_eof_fix

Fix an exploitable bug in CGI multipart parsing

Checkout these related ports: