CVE-2023-27530

Опубликовано: 10 мар. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.5

Описание

A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	2.2.7-1
esm-apps/bionic	ignored	intrusive backport
esm-apps/focal	released	2.0.7-2ubuntu0.1+esm4
esm-apps/jammy	released	2.1.4-5ubuntu1+esm4
esm-apps/xenial	ignored	intrusive backport
esm-infra-legacy/trusty	ignored	intrusive backport
focal	ignored	end of standard support, was needed
jammy	released	2.1.4-5ubuntu1.1
kinetic	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%

0.01866

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2023-27530

CVSS3: 7.5

redhat

больше 2 лет назад

CVE-2023-27530

CVSS3: 7.5

nvd

больше 2 лет назад

CVE-2023-27530

CVSS3: 7.5

debian

больше 2 лет назад

A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and ...

SUSE-SU-2023:0725-1

suse-cvrf

больше 2 лет назад

Security update for rubygem-rack

GHSA-3h57-hmj3-gj3p

CVSS3: 7.5

github

больше 2 лет назад

Rack has possible DoS Vulnerability in Multipart MIME parsing

EPSS

Процентиль: 83%

0.01866

Низкий

7.5 High

CVSS3

CVE-2023-27530

Описание

Пакет ruby-rack

Ссылки на источники

Связанные уязвимости