CVE-2026-34831 | Rack up to 2.2.22/3.1.20/3.2.5 Response Header Rack::Files Content-Length length parameter (GHSA-q2ww-5357-x388)

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability has been found in Rack up to 2.2.22/3.1.20/3.2.5 and classified as problematic. This affects the function Rack::Files of the component Response Header Handler. Performing a manipulation of the argument Content-Length results in improper handling of length parameter inconsistency.

This vulnerability is known as CVE-2026-34831. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-34831 | Rack up to 2.2.22/3.1.20/3.2.5 Response Header Rack::Files Content-Length length parameter (GHSA-q2ww-5357-x388)

Post correlati

CVE-2024-34821 | Contact List Plugin up to 2.9.87 on WordPress authorization

CVE-2025-4456 | Project Worlds Car Rental Project 1.0 /signup.php fname sql injection

CVE-2024-26329 | Chilkat prior 9.5.0.98 ChilkatRand::randomBytes entropy

CVE-2024-30530 | Sonaar Music MP3 Audio Player for Music, Radio & Podcast Plugin cross site scripting