rubygems / RubySec / RUBY:RACK-CONTRIB-2024-35231
History: May 26, 2024 - 9:00 p.m.

Denial of Service in rack-contrib via "profiler_runs" parameter

2024-05-26 21:00:00
RubySec
nvd.nist.gov
Tags: denial of service, rack-contrib, http request, vulnerability, fixed versions, impact, security

CVSS3: 8.6

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score: 6.9
Confidence: High

rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service
via the profiler_runs HTTP request parameter.

Versions Affected: < 2.5.0
Fixed Versions: >= 2.5.0

Impact

An attacker can trigger a Denial of Service by sending an HTTP request with
an overly large profiler_runs parameter.

curl "http://127.0.0.1:9292/?profiler_runs=9999999999&profile=process_time"
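As an added example (not part of the RubySec advisory and not rack-contrib's own code), the following Ruby snippet scans access-log lines for requests that carry an excessively large or non-numeric profiler_runs parameter, which is the request pattern the advisory describes. The log lines are constructed for the example, and the log format, the MAX_PROFILER_RUNS threshold and the function names are assumptions, not values from the advisory.

```ruby
require "uri"

# Constructed sample access-log lines (combined log format), not taken from the advisory.
# Line 1 mirrors the request shape shown in the advisory; the others are ordinary traffic.
SAMPLE_LOG = <<~LOG
  127.0.0.1 - - [26/May/2024:21:00:01 +0000] "GET /?profiler_runs=9999999999&profile=process_time HTTP/1.1" 200 512
  127.0.0.1 - - [26/May/2024:21:00:02 +0000] "GET /?profiler_runs=5&profile=process_time HTTP/1.1" 200 512
  127.0.0.1 - - [26/May/2024:21:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024
  127.0.0.1 - - [26/May/2024:21:00:04 +0000] "GET /?profiler_runs=abc HTTP/1.1" 400 0
LOG

# Assumed threshold: any profiler_runs value above this is flagged as abuse of the profiler.
MAX_PROFILER_RUNS = 100

# Matches the quoted request line of a combined-format access log entry.
REQUEST_RE = /"(?<method>[A-Z]+) (?<target>\S+) HTTP\/[\d.]+"/

# Returns the raw profiler_runs value from a request target such as "/?profiler_runs=5",
# or nil when the parameter is absent.
def profiler_runs_from(target)
  uri = URI.parse(target)
  return nil if uri.query.nil?
  pair = URI.decode_www_form(uri.query).find { |key, _| key == "profiler_runs" }
  pair && pair[1]
end

# Classifies a profiler_runs value as :ok, :non_numeric or :excessive.
def classify_profiler_runs(value)
  return :ok if value.nil?
  return :non_numeric unless value.match?(/\A\d+\z/)
  value.to_i > MAX_PROFILER_RUNS ? :excessive : :ok
end

# Scans log text and returns one hash per flagged line: its number, the offending value
# and the verdict. Lines without a parseable request line or with a sane value are skipped.
def scan_log(text)
  text.each_line.with_index(1).filter_map do |line, number|
    match = REQUEST_RE.match(line) or next
    value = profiler_runs_from(match[:target])
    verdict = classify_profiler_runs(value)
    next if verdict == :ok
    { line: number, value: value, verdict: verdict }
  end
end

if __FILE__ == $PROGRAM_NAME
  scan_log(SAMPLE_LOG).each do |hit|
    puts "line #{hit[:line]}: profiler_runs=#{hit[:value].inspect} (#{hit[:verdict]})"
  end
end
```

Run against the embedded sample, the scanner flags line 1 (value far above the threshold) and line 4 (non-numeric value) and leaves the small, well-formed request on line 2 alone; pointing `scan_log` at a real log file is a matter of reading its contents into the same function.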

Releases

The fixed releases are available at the normal locations.

Workarounds

There are no feasible workarounds for this issue.

Affected configurations

Vulners Node: ruby rack-contrib, Range: 2.5.0

Vendor: ruby
Product: rack-contrib
Version: *
CPE: cpe:2.3:a:ruby:rack-contrib:*:*:*:*:*:*:*:*

