PT-2025-41595 · Nginx+11
Pirikara · Published 2025-10-10 · Updated 2026-04-09 · CVE-2025-61919
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Rack versions prior to 2.2.20
Rack versions prior to 3.1.18
Rack versions prior to 3.2.3
Description
Rack is a modular Ruby web server interface. In versions prior to 2.2.20, 3.1.18, and 3.2.3, the Rack::Request#POST method reads the entire request body into memory when handling Content-Type: application/x-www-form-urlencoded requests, without enforcing any length limit or cap. This can lead to a denial of service (DoS) through memory exhaustion if an attacker sends a large request body. The vulnerable code calls rack.input.read(nil), which allows unbounded reads of application/x-www-form-urlencoded bodies.
Recommendations
Upgrade to Rack version 2.2.20 to address the issue.
Upgrade to Rack version 3.1.18 to address the issue.
Upgrade to Rack version 3.2.3 to address the issue.
Enforce a strict maximum request body size at the proxy or web server layer, for example with client_max_body_size in Nginx or LimitRequestBody in Apache.
Exploit
Fix
DoS
Resource Exhaustion
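The unbounded rack.input.read(nil) described above, and the body-size cap recommended at the proxy layer, can also be enforced inside the Ruby application itself. The middleware below is an added example, not Rack's own code and not part of this advisory; the names BodySizeLimiter, LimitedInput, BodyTooLarge and status_for are hypothetical, and the 64-byte cap used in the demo is a constructed value chosen to keep the run short. It rejects requests whose declared Content-Length exceeds the cap and, for bodies sent without a Content-Length (or with one that understates the real size), wraps rack.input so that read(nil) cannot pull more than the cap into memory before the form parser sees it.

```ruby
require "stringio"
require "uri"

# Hypothetical Rack-style middleware (added example, not Rack's code): caps the
# request body before the app, or Rack::Request#POST, calls rack.input.read(nil).
class BodySizeLimiter
  class BodyTooLarge < StandardError; end

  # Wraps rack.input so that no read, including read(nil), can pull more than
  # `limit` bytes into memory. This is what protects against bodies that are
  # streamed without a Content-Length or with a Content-Length that lies.
  class LimitedInput
    def initialize(io, limit)
      @io, @limit, @consumed = io, limit, 0
    end

    def read(length = nil, outbuf = nil)
      allowance = @limit - @consumed + 1          # +1 byte so overflow is detectable
      want = length ? [length, allowance].min : allowance
      chunk = outbuf ? @io.read(want, outbuf) : @io.read(want)
      return chunk if chunk.nil? || chunk.empty?
      @consumed += chunk.bytesize
      raise BodyTooLarge if @consumed > @limit
      chunk
    end

    def rewind
      @consumed = 0
      @io.rewind
    end
  end

  def initialize(app, limit:)
    @app, @limit = app, limit
  end

  def call(env)
    declared = env["CONTENT_LENGTH"]
    return reject if declared && declared.to_i > @limit   # cheap check first, no body read
    env["rack.input"] = LimitedInput.new(env["rack.input"], @limit)
    @app.call(env)
  rescue BodyTooLarge
    reject
  end

  private

  def reject
    msg = "Request body too large\n"
    [413, { "content-type" => "text/plain", "content-length" => msg.bytesize.to_s }, [msg]]
  end
end

# Stand-in for an application that, like the vulnerable Rack::Request#POST,
# slurps the whole form body with read(nil) before parsing it.
FORM_APP = lambda do |env|
  raw = env["rack.input"].read(nil) || ""
  fields = URI.decode_www_form(raw).to_h
  [200, { "content-type" => "text/plain" }, ["#{fields.size} fields\n"]]
end

# Constructed Rack env (no real socket). declared: nil simulates a chunked
# upload that carries no Content-Length header.
def build_env(body, declared: body.bytesize)
  env = {
    "REQUEST_METHOD" => "POST",
    "CONTENT_TYPE"   => "application/x-www-form-urlencoded",
    "rack.input"     => StringIO.new(body),
  }
  env["CONTENT_LENGTH"] = declared.to_s if declared
  env
end

# Returns the HTTP status the capped stack produces for a given body.
def status_for(body, limit: 64, declared: body.bytesize)
  app = BodySizeLimiter.new(FORM_APP, limit: limit)
  app.call(build_env(body, declared: declared)).first
end

if __FILE__ == $0
  puts status_for("a=1&b=2")                            # 200: small form, read in full
  puts status_for("a=" + "x" * 1000)                    # 413: declared length over the cap
  puts status_for("a=" + "x" * 1000, declared: nil)     # 413: caught while streaming
  puts status_for("a=" + "x" * 1000, declared: 10)      # 413: header lies, reads are still capped
end
```

Upgrading Rack remains the fix; a cap like this limits exposure while the upgrade is rolled out, and it is complementary to the proxy-level directive, which stops the bytes before they reach the Ruby process at all. The Content-Length check alone is not enough, because a chunked body has no declared length and a client can declare a smaller length than it sends, so the wrapped rack.input is the part that actually bounds memory.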
Affected Products
Almalinux
Apache
Centos
Debian
Linuxmint
Nginx
Rack
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu