SUSE update for rubygem-rack
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2025-25184 CVE-2025-27111 CVE-2025-27610 |
| CWE-ID | CWE-93 CWE-117 CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Enterprise Server 15 SP3 Business Critical Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system ruby2.5-rubygem-rack-doc Operating systems & Components / Operating system package or component ruby2.5-rubygem-rack-testsuite Operating systems & Components / Operating system package or component ruby2.5-rubygem-rack Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) CRLF injection
EUVDB-ID: #VU105794
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-25184
CWE-ID:
CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to manipulate data log entries.
The vulnerability exists due to insufficient validation of attacker-supplied data in Rack::CommonLogger. A remote user can pass specially crafted authorization credentials containing CR-LF characters to the Rack::Auth::Basic method, which stores this info into the to the env['REMOTE_USER'] variable. If the application accepts CR-LF characters in user name, a remote user can manipulate data log entries.
Update the affected package rubygem-rack to the latest version.
Vulnerable software versionsSUSE Enterprise Server 15 SP3 Business Critical: Linux
SUSE Linux Enterprise High Availability Extension 15: SP3 - SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP6
SUSE Linux Enterprise Server 15: SP3 - SP6
SUSE Linux Enterprise High Performance Computing 15: SP3 - SP5
SUSE Manager Retail Branch Server: 4.2 - 4.3
SUSE Manager Server: 4.2 - 4.3
SUSE Manager Proxy: 4.2 - 4.3
ruby2.5-rubygem-rack-doc: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack-testsuite: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack: before 2.0.8-150000.3.26.1
CPE2.3- cpe:2.3:o:suse:suse_enterprise_server_15_sp3_business_critical:Linux:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-testsuite:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20250874-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Output Neutralization for Logs
EUVDB-ID: #VU105795
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-27111
CWE-ID:
CWE-117 - Improper Output Neutralization for Logs
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to manipulate log entries.
The vulnerability exists due to improper input validation of the X-Sendfile-Type header in Rack::Sendfile when handling. A remote attacker can send specially crafted data containing newline characters via the affected header and manipulate log files.
Update the affected package rubygem-rack to the latest version.
Vulnerable software versionsSUSE Enterprise Server 15 SP3 Business Critical: Linux
SUSE Linux Enterprise High Availability Extension 15: SP3 - SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP6
SUSE Linux Enterprise Server 15: SP3 - SP6
SUSE Linux Enterprise High Performance Computing 15: SP3 - SP5
SUSE Manager Retail Branch Server: 4.2 - 4.3
SUSE Manager Server: 4.2 - 4.3
SUSE Manager Proxy: 4.2 - 4.3
ruby2.5-rubygem-rack-doc: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack-testsuite: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack: before 2.0.8-150000.3.26.1
CPE2.3- cpe:2.3:o:suse:suse_enterprise_server_15_sp3_business_critical:Linux:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-testsuite:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20250874-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Path traversal
EUVDB-ID: #VU105796
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-27610
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in Rack::Static. A remote attacker can read arbitrary files on the system.
MitigationUpdate the affected package rubygem-rack to the latest version.
Vulnerable software versionsSUSE Enterprise Server 15 SP3 Business Critical: Linux
SUSE Linux Enterprise High Availability Extension 15: SP3 - SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP6
SUSE Linux Enterprise Server 15: SP3 - SP6
SUSE Linux Enterprise High Performance Computing 15: SP3 - SP5
SUSE Manager Retail Branch Server: 4.2 - 4.3
SUSE Manager Server: 4.2 - 4.3
SUSE Manager Proxy: 4.2 - 4.3
ruby2.5-rubygem-rack-doc: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack-testsuite: before 2.0.8-150000.3.26.1
ruby2.5-rubygem-rack: before 2.0.8-150000.3.26.1
CPE2.3- cpe:2.3:o:suse:suse_enterprise_server_15_sp3_business_critical:Linux:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack-testsuite:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ruby2.5-rubygem-rack:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20250874-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
