Denial of Service in rack-contrib via "profiler_runs" parameter
Published: May 27, 2024
SECURITY IDENTIFIERS
- CVE: CVE-2024-35231 (NVD)
- GHSA: GHSA-8c8q-2xw3-j869
GEM
rack-contrib
SEVERITY
CVSS v3.x: 8.6 (High)
PATCHED VERSIONS
>= 2.5.0
DESCRIPTION
rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service
via the profiler_runs HTTP request parameter.
Versions Affected: < 2.5.0
Fixed Versions: >= 2.5.0
Impact
An attacker can trigger a Denial of Service by sending an HTTP request with
an overly large profiler_runs parameter.
curl "http://127.0.0.1:9292/?profiler_runs=9999999999&profile=process_time"
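To illustrate the bug class behind this advisory, here is an added example (not rack-contrib's own code, and not a workaround for the gem): a minimal Rack-style profiler middleware that takes its run count straight from the profiler_runs parameter, beside a hardened version that parses the value strictly, caps it, and stays inert unless an operator enabled it. The names UnboundedProfiler, BoundedProfiler and MAX_RUNS are the example's own.

```ruby
require 'uri'

# Parse a Rack env's query string into a Hash (stdlib only, no rack gem needed).
def query_params(env)
  URI.decode_www_form(env['QUERY_STRING'].to_s).to_h
end

# Constructed, deliberately naive profiler: the run count is taken straight
# from the request, so the client decides how many times the downstream app
# executes. This is the pattern behind the advisory, not rack-contrib's code.
class UnboundedProfiler
  def initialize(app)
    @app = app
  end
  def call(env)
    params = query_params(env)
    return @app.call(env) unless params['profile']
    runs = params['profiler_runs'].to_i  # "9999999999" => that many runs
    result = nil
    runs.times { result = @app.call(env) }
    result
  end
end

# Hardened variant: strict integer parsing, a hard ceiling on runs, and the
# profiler honoured only when the operator enabled it explicitly.
class BoundedProfiler
  MAX_RUNS = 10
  DEFAULT_RUNS = 1
  def initialize(app, enabled: false)
    @app = app
    @enabled = enabled
  end
  # Returns a run count in 1..MAX_RUNS, or nil for anything else.
  def self.sanitize_runs(raw)
    return DEFAULT_RUNS if raw.nil?
    return nil unless raw.match?(/\A\d{1,3}\z/)  # rejects signs, floats, huge values
    n = raw.to_i
    n.between?(1, MAX_RUNS) ? n : nil
  end
  def call(env)
    params = query_params(env)
    return @app.call(env) unless @enabled && params['profile']
    runs = self.class.sanitize_runs(params['profiler_runs'])
    return [400, { 'content-type' => 'text/plain' }, ['invalid profiler_runs']] if runs.nil?
    result = nil
    runs.times { result = @app.call(env) }
    result
  end
end
```

With the hardened middleware, the request shown above is answered with a 400 before the application is invoked at all, and even a well-formed value can never run the app more than MAX_RUNS times.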
Releases
The fixed releases are available at the normal locations.
Workarounds
There are no feasible workarounds for this issue.
