GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
High
CVE-2025-61772
was published
for
rack
(RubyGems)
Oct 7, 2025
Rack: Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
High
CVE-2025-61771
was published
for
rack
(RubyGems)
Oct 7, 2025
Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
High
CVE-2025-61770
was published
for
rack
(RubyGems)
Oct 7, 2025
Rack has an unsafe default in Rack::QueryParser allows params_limit bypass via semicolon-separated parameters
High
CVE-2025-59830
was published
for
rack
(RubyGems)
Sep 25, 2025
ProTip!
Advisories are also available from the
GraphQL API