3 matches found
GHSA-MR3Q-G2MV-MR4Q Sinatra is vulnerable to ReDoS through ETag header value generation
Summary There is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response and you are using Ruby = 3.2...
CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
Denial Of Service (DoS)
org.springframework,spring-web is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of ETags from If-Match or If-None-Match request headers, allowing attackers to overwhelm the system and cause service disruption...