Moderate severity vulnerability that affects rack

GHSA-9vc2-p34x-jhxh

Published Sep 17, 2018 · Modified Dec 2, 2024

Description

Withdrawn, accidental duplicate publish.

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2015-3225
ADVISORY https://github.com/advisories/GHSA-9vc2-p34x-jhxh

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes