ADVISORIES
- CVE-2013-0183 (NVD)
- GHSA-3pxh-h8hw-mj8w
- OSVDB-89320
GEM
SEVERITY
CVSS v2.0: 5.0 (Medium)
PATCHED VERSIONS
- ~> 1.3.8
- >= 1.4.3
DESCRIPTION
multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.