FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f0798a6a-bbdb-11ed-ba99-080027f5fec9rack -- possible DoS vulnerability in multipart MIME parsing

Aaron Patterson reports:

The Multipart MIME parsing code in Rack limits the number of file parts, but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than expected.


Discovery 2023-03-03
Entry 2023-03-06
rubygem-rack
< 3.0.4.2,3

rubygem-rack22
< 2.2.6.3,3

rubygem-rack16
< 1.6.14

CVE-2023-27530
https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388