Security Advisories

CGA-6jhx-xgjg-cx6p

Published

Last updated

https://images.chainguard.dev/security/CGA-6jhx-xgjg-cx6p
Package

ruby3.2-rack

Latest Update
Fixed
Fixed Version

3.0.9.1-r0

Aliases
  • CVE-2024-25126
  • GHSA-22f2-v57c-j9cx

Severity

5.3

Medium

CVSS V3

Summary

Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)

Description

Summary

module Rack
  class MediaType
    # Vulnerable: `\s*` on both sides of the separator class backtracks over long whitespace runs
    SPLIT_PATTERN = %r{\s*[;,]\s*}
  end
end

The above regexp is subject to ReDoS. When a long run of whitespace is not followed by `;` or `,`, the greedy `\s*` gives back one character at a time and the engine retries from every position in the run, so the work grows quadratically with the run length. A 50K blank-character prefix on the header takes over 10s to split.

PoC

A simple HTTP request with lots of blank characters in the content-type header:

request["Content-Type"] = (" " * 50_000) + "a,"

Impact

It is a very easy ReDoS to craft. As with all ReDoS, the impact is limited to denial of service: each such request occupies a worker for the seconds the split takes, so a handful of concurrent requests can starve an application server.
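The following is an added example and not Rack's own code: it places the advisory's vulnerable splitter beside a hardened variant that splits only on the separator and trims whitespace afterwards, so the regex engine never backtracks across the padding. The `parse_media_type`, `strip_doublequotes` and `split_seconds` helpers are illustrative names, the hardened pattern is one possible fix rather than a claim about the upstream patch, and the inputs are constructed here (the PoC shape is reduced to 10,000 blanks so the demo finishes quickly).

```ruby
require 'benchmark'

# Added example, not Rack's code. VULNERABLE_SPLIT is the pattern quoted in the
# advisory; HARDENED_SPLIT and the parser around it are illustrative.
VULNERABLE_SPLIT = %r{\s*[;,]\s*}
HARDENED_SPLIT   = /[;,]/

# Strip one pair of surrounding double quotes from a parameter value, if present.
def strip_doublequotes(value)
  value = value.to_s
  if value.length >= 2 && value.start_with?('"') && value.end_with?('"')
    value[1..-2]
  else
    value
  end
end

# Parse a Content-Type value into [type, params] using the given splitter.
# With HARDENED_SPLIT the whitespace is removed by String#strip after the
# split, which costs O(n) and cannot be driven into backtracking.
def parse_media_type(header, pattern)
  return [nil, {}] if header.nil?
  type, *raw_params = header.split(pattern)
  params = raw_params.each_with_object({}) do |piece, h|
    k, v = piece.strip.split('=', 2)
    h[k.downcase] = strip_doublequotes(v) if k && v
  end
  [type&.strip&.downcase, params]
end

# Wall-clock seconds for a single split with the given pattern.
def split_seconds(header, pattern)
  Benchmark.realtime { header.split(pattern) }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed inputs: an ordinary header and the advisory's PoC shape,
  # shrunk from 50_000 to 10_000 blanks so the vulnerable case stays under a second.
  normal    = 'text/html; charset="UTF-8", q=0.9'
  malicious = (' ' * 10_000) + 'a,'

  p parse_media_type(normal, VULNERABLE_SPLIT)   # both parse the benign header identically
  p parse_media_type(normal, HARDENED_SPLIT)

  [VULNERABLE_SPLIT, HARDENED_SPLIT].each do |pat|
    printf("%-12s %.4fs\n", pat.source, split_seconds(malicious, pat))
  end
end
```

Both splitters produce the same `[type, params]` for well-formed headers; the difference shows only on the padded input, where the hardened split finishes in microseconds while the vulnerable one scales with the square of the padding length.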

References

Updates

© 2024 Chainguard. All Rights Reserved.