Platform: ruby
Component: rack
Fixed in: 2.2.20, 3.1.1, 3.2.1, 2.2.19
CVE-2025-61770 describes a Denial of Service (DoS) vulnerability within the Rack::Multipart::Parser component of the Rack library. An attacker can exploit this flaw by sending a large multipart preamble, exceeding memory limits and potentially causing process termination. This vulnerability impacts Rack versions 2.2.9 and earlier, with a fix available in version 2.2.19.
The core issue lies in the Rack::Multipart::Parser's handling of the multipart preamble. The parser buffers the entire preamble in memory without enforcing a size limit. A malicious client can craft a request with an exceptionally large preamble, followed by a valid boundary. This excessive memory consumption can lead to an out-of-memory (OOM) condition, resulting in the Rack application process crashing or becoming unresponsive. The blast radius extends to any application relying on Rack for handling multipart requests, potentially impacting multiple services and users. This vulnerability is similar to other memory exhaustion attacks where an attacker overwhelms a system's resources to cause a denial of service.
CVE-2025-61770 was publicly disclosed on 2025-10-07. No public proof-of-concept (PoC) code has been released as of this writing. The vulnerability's severity is rated HIGH (CVSS 7.5), indicating a moderate probability of exploitation. It is not currently listed on the CISA KEV catalog.
Applications built using the Ruby Rack framework, particularly those handling file uploads or other multipart data, are at risk. This includes web applications, APIs, and services that rely on Rack for request processing. Systems with older Rack versions (≤2.2.9) are particularly vulnerable.
• ruby / server:
ps aux | grep -i rack | grep -i multipart
• ruby / server:
journalctl -u your_rack_app -g 'memory exhaustion' --since '-1h'
• generic web: Use a WAF to monitor for unusually large multipart requests (Content-Length header exceeding a reasonable threshold).
EPSS: 0.16% (37th percentile)
The primary mitigation is to upgrade to Rack version 2.2.19 or later, which includes a fix for this vulnerability. If an immediate upgrade is not feasible, consider implementing temporary workarounds. One approach is to configure the web server or application to limit the maximum request size for multipart uploads. Another potential mitigation involves using a WAF (Web Application Firewall) to filter requests with excessively large multipart preambles. Monitor application logs for signs of memory exhaustion or process crashes, which could indicate exploitation attempts. After upgrade, confirm by sending a test multipart request with a large preamble and verifying that the application does not crash.
Upgrade the Rack gem to version 2.2.19, 3.1.17 or 3.2.2 or later. This fixes the vulnerability by limiting the size of the multipart preamble. Alternatively, limit the total request body size at the proxy or web server.
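One way to apply the request-size workaround above inside the application itself, as an added example that is not the Rack project's own code: a middleware that rejects multipart requests whose declared body size exceeds a limit before Rack::Multipart::Parser ever runs. The 16 MiB default, the class name and the sample helpers are assumptions; it relies only on the Rack env-hash convention, so it runs without the rack gem installed.

```ruby
# Added example (not Rack project code): reject oversized multipart bodies
# before the multipart parser buffers their preamble in memory.
class MultipartSizeLimit
  DEFAULT_LIMIT = 16 * 1024 * 1024 # 16 MiB, an assumed value; tune per app

  def initialize(app, limit: DEFAULT_LIMIT)
    @app = app
    @limit = limit
  end

  def call(env)
    return @app.call(env) unless multipart?(env)

    length = env['CONTENT_LENGTH'].to_s
    # Reject oversized bodies and bodies with no usable declared length:
    # the limit cannot be enforced on a body whose size is unknown up front.
    if length.empty? || !length.match?(/\A\d+\z/) || length.to_i > @limit
      return reject
    end
    @app.call(env)
  end

  private

  def multipart?(env)
    env['CONTENT_TYPE'].to_s.downcase.start_with?('multipart/form-data')
  end

  def reject
    body = "multipart body exceeds #{@limit} bytes\n"
    [413, { 'content-type' => 'text/plain',
            'content-length' => body.bytesize.to_s }, [body]]
  end
end

# Constructed sample requests (not captured traffic) for a quick self-check.
INNER_APP = ->(_env) { [200, { 'content-type' => 'text/plain' }, ['ok']] }

def limited_app
  MultipartSizeLimit.new(INNER_APP, limit: 1024)
end

def sample_env(content_type:, content_length:)
  { 'REQUEST_METHOD' => 'POST', 'CONTENT_TYPE' => content_type,
    'CONTENT_LENGTH' => content_length }
end
```

Insert it ahead of any middleware that parses the body (for Rails, before the parameter parsing layer); the 413 response is returned without reading the body.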
CVE-2025-61770 is a Denial of Service vulnerability in the Rack::Multipart::Parser component of the Rack library, allowing an attacker to cause memory exhaustion by sending a large multipart preamble.
You are affected if you are using Rack versions 2.2.9 or earlier. Upgrade to 2.2.19 or later to resolve the vulnerability.
Upgrade to Rack version 2.2.19 or later. As a temporary workaround, limit the maximum request size for multipart uploads or use a WAF to filter large requests.
As of now, there are no confirmed reports of active exploitation, but the vulnerability's severity warrants proactive mitigation.
Refer to the official Rack project website and security advisories for the latest information and updates regarding CVE-2025-61770.