Fluid Attacks Database

Description

A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	ruby-rack	>=0 <2.2.4-1	2.2.4-1
debian 13	ruby-rack	>=0 <2.2.4-1	2.2.4-1
debian 14	ruby-rack	>=0 <2.2.4-1	2.2.4-1
rubygems	rack	>=1.2 <2.0.9.1 \|\| >=2.1 <2.1.4.1 \|\| >=2.2 <2.2.3.1	2.0.9.1, 2.1.4.1, 2.2.3.1
debian 11	ruby-rack	=2.1.4-3 \|\| >=0 <2.1.4-3+deb11u1	2.1.4-3+deb11u1
rpm rhel7	pcs	-	-

Aliases

References

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.