Vulnerabilities > Rack Project > Rack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-13 | CVE-2018-16470 | Resource Exhaustion vulnerability in Rack Project Rack 2.0.4/2.0.5 There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. | 7.5 |
| 2015-07-26 | CVE-2015-3225 | Data Processing Errors vulnerability in multiple products lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth. | 5.0 |
| 2011-12-30 | CVE-2011-5036 | Cryptographic Issues vulnerability in Rack Project Rack Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | 5.0 |