Added CVE-2025-27111 for the rack gem.

postmodern · postmodern · commit 8ab1b435ef40 · 2025-03-05T12:12:15.000-08:00
diff --git a/gems/rack/CVE-2025-27111.yml b/gems/rack/CVE-2025-27111.yml
@@ -0,0 +1,43 @@
+---
+gem: rack
+cve: 2025-27111
+ghsa: 8cgq-6mh2-7j6v
+url: https://github.com/rack/rack/security/advisories/GHSA-8cgq-6mh2-7j6v
+title: Escape Sequence Injection vulnerability in
+  Rack lead to Possible Log Injection
+date: 2025-03-04
+description: |
+  ## Summary
+
+  `Rack::Sendfile` can be exploited by crafting input that
+  includes newline characters to manipulate log entries.
+
+  ## Details
+
+  The `Rack::Sendfile` middleware logs unsanitized header values from
+  the `X-Sendfile-Type` header. An attacker can exploit this by
+  injecting escape sequences (such as newline characters) into the
+  header, resulting in log injection.
+
+  ## Impact
+
+  This vulnerability can distort log files, obscure
+  attack traces, and complicate security auditing.
+
+  ## Mitigation
+
+  - Update to the latest version of Rack, or
+  - Remove usage of `Rack::Sendfile`.
+cvss_v4: 6.9
+patched_versions:
+  - "~> 2.2.12"
+  - "~> 3.0.13"
+  - ">= 3.1.11"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2025-27111
+    - https://github.com/rack/rack/security/advisories/GHSA-8cgq-6mh2-7j6v
+    - https://github.com/rack/rack/commit/803aa221e8302719715e224f4476e438f2531a53
+    - https://github.com/rack/rack/commit/aeac570bb8080ca7b53b7f2e2f67498be7ebd30b
+    - https://github.com/rack/rack/commit/b13bc6bfc7506aca3478dc5ac1c2ec6fc53f82a3
+    - https://github.com/advisories/GHSA-8cgq-6mh2-7j6v
