Rack's greedy multipart boundary parsing can cause parser differentials and WAF bypass.

Summary Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one rather than the first. In deployments where an upstream proxy, WAF, or intermedia...

Denial Of Service (DoS)

waitress is vulnerable to denial of service DoS. The vulnerability exists as catastrophic backtracking could occur through the use of a greedy regular expression that does not conform to RFC7230, and subsequently used to validate HTTP headers...