Vulnerabilities > Rack Project

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-13	CVE-2018-16470	Resource Exhaustion vulnerability in Rack Project Rack 2.0.4/2.0.5 There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. network low complexity rack-project CWE-400	7.5
2015-07-26	CVE-2015-3225	Data Processing Errors vulnerability in multiple products lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth. network low complexity rack-project opensuse debian CWE-19	5.0
2011-12-30	CVE-2011-5036	Cryptographic Issues vulnerability in Rack Project Rack Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. network low complexity rack-project CWE-310	5.0

Vulnerabilities > Rack Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Rack Project"}]}