Potential Denial of Service Vulnerability in Rack
Published: June 16, 2015
SECURITY IDENTIFIERS
- CVE: CVE-2015-3225 (NVD)
- GHSA: GHSA-rgr4-9jh5-j4j6
- Vendor Advisory: https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
GEM
PATCHED VERSIONS
>= 1.6.2
~> 1.5.4
~> 1.4.6
DESCRIPTION
Carefully crafted requests can cause a SystemStackError and potentially
cause a denial of service attack.
All users running an affected release should upgrade.