CVE-2025-61771

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser stores non-file form fields parts without a filename entirely in memory as Ruby String objects. A single large text field in a multipart/form-data request hundreds of megabytes or...

Rack 资源管理错误漏洞

Rack is a modular Ruby web server interface open-sourced by Rack. A resource management error vulnerability exists in Rack versions prior to 2.2.19, prior to 3.1.17, and prior to 3.2.2, which stems from unrestricted buffering of multipart leading code by Rack::Multipart::Parser, which can lead to...

WordPress plugin HTML5 Audio Player 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...