CVE-2025-49007 – rack
Package
Manager: gem
Name: rack
Vulnerable Version: >=3.1.0 <3.1.16
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
EPSS: 0.00068 (percentile 0.21425)
Details
ReDoS Vulnerability in Rack::Multipart handle_mime_head

### Summary

There is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571.

### Details

Carefully crafted input can cause Content-Disposition header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically used in multipart parsing. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.

### Credits

Thanks to [scyoon](https://hackerone.com/scyoon) for reporting this to the Rails security team.
Metadata
Created: 2025-06-05T05:21:34Z
Modified: 2025-06-05T20:15:06Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-47m2-26rw-j2jw/GHSA-47m2-26rw-j2jw.json
CWE IDs: ["CWE-770"]
Alternative ID: GHSA-47m2-26rw-j2jw
Finding: F029
Auto approve: 1