VIR Vulnerability Intelligence Relay

CVE-2013-0184

medium
Published 2013-01-13 · Modified 2024-12-07
CVSS v3
CVSS v2
4.3
VIR risk
4.3

Description

Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2013-0184

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed1.4.1-2.1
debian debianbullseyefixed1.4.1-2.1
debian debianforkyfixed1.4.1-2.1
debian debiansidfixed1.4.1-2.1
debian debiantrixiefixed1.4.1-2.1

Package impact
EcosystemPackageVulnerableFixed
ruby RubyGemsrack<~> 1.1.5~> 1.1.5
ruby RubyGemsrack>=1.1.0,<1.1.51.1.5
ruby RubyGemsrack>=1.2.0,<1.2.71.2.7
ruby RubyGemsrack>=1.3.0,<1.3.91.3.9
ruby RubyGemsrack>=1.4.0,<1.4.41.4.4

Application impact
VendorProductVersionsFixed
rack_projectrack1.1.0
rack_projectrack1.1.2
rack_projectrack1.1.3
rack_projectrack1.1.4
rack_projectrack1.2.0
rack_projectrack1.2.1
rack_projectrack1.2.2
rack_projectrack1.2.3
rack_projectrack1.2.4
rack_projectrack1.2.6
rack_projectrack1.3.0
rack_projectrack1.3.1
rack_projectrack1.3.2
rack_projectrack1.3.3
rack_projectrack1.3.4
rack_projectrack1.3.5
rack_projectrack1.3.6
rack_projectrack1.3.7
rack_projectrack1.3.8
rack_projectrack1.4.0
rack_projectrack1.4.1
rack_projectrack1.4.2
rack_projectrack1.4.3

References

Verify integrity in audit chain (admin only). AS-IS.