[CVE-2024-25126] Denial of Service Vulnerability in Rack Content-Type Parsing

Disclosed: 2024-05-22 19:58:19 By svalkanov To ibb
Low
Vulnerability Details
I've made a report https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941

## Impact

Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability.
Report Stats
  • Report ID: 2446437
  • State: Closed
  • Substate: resolved
  • Upvotes: 27