PT-2026-27260 · Rails+1
Gannon Mcgibbon
·
Published
2026-03-23
·
Updated
2026-05-08
·
CVE-2026-33174
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Rails versions prior to 8.1.2.1
Rails versions prior to 8.0.4.1
Rails versions prior to 7.2.3.1
Description
Active Storage lets Rails applications attach files stored locally or in cloud object storage, and in proxy delivery mode the application itself serves the file bytes to the client through the Active Storage proxy controller. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, that controller loads the entire requested byte range into memory before sending it. A request carrying a large or open-ended Range header, such as `bytes=0-`, therefore makes the server allocate memory proportional to the size of the stored file, and a handful of such requests against large blobs can exhaust process memory and cause a denial of service. Only the proxy delivery path is affected; applications that route blob downloads through the proxy (for example via `config.active_storage.resolve_model_to_route = :rails_storage_proxy` or the `rails_storage_proxy_path` URL helpers) should treat this as reachable by any unauthenticated client that can request a blob URL.
Recommendations
Update to Rails version 8.1.2.1 or later.
Update to Rails version 8.0.4.1 or later.
Update to Rails version 7.2.3.1 or later.
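To make the failure mode concrete, the following added example (written for this page; it is not Rails code and does not reproduce the actual upstream patch) contrasts the buffering pattern described above with a bounded streaming pattern. It models a 1 MiB blob as a constructed `StringIO`, parses a single-range `Range` header, and records the peak buffer size each approach needs. The helper names (`parse_byte_range`, `serve_range_buffered`, `serve_range_streamed`, `CHUNK`) are assumptions for illustration.

```ruby
require "stringio"

# Constructed sample: a 1 MiB "blob" standing in for a stored file.
SAMPLE_SIZE = 1024 * 1024
def sample_blob
  StringIO.new("\x00" * SAMPLE_SIZE)
end

# Parse a single-range "bytes=a-b" header against a known object size.
# Returns [first, last] (inclusive, clamped to the object) or nil when the
# range is malformed or unsatisfiable. Multi-range headers are out of scope here.
def parse_byte_range(header, size)
  return nil unless header && (m = header.match(/\Abytes=(\d*)-(\d*)\z/))
  first, last = m[1], m[2]
  return nil if first.empty? && last.empty?
  if first.empty?
    # Suffix range "bytes=-N": the last N bytes of the object.
    n = last.to_i
    return nil if n.zero?
    [[size - n, 0].max, size - 1]
  else
    f = first.to_i
    l = last.empty? ? size - 1 : [last.to_i, size - 1].min
    return nil if f > l || f >= size
    [f, l]
  end
end

# Vulnerable pattern: read the whole requested range into one String and then
# send it. Peak memory grows with the range length, so "bytes=0-" on a large
# blob costs as much memory as the blob itself.
def serve_range_buffered(io, size, header)
  first, last = parse_byte_range(header, size)
  return { status: 416, peak_bytes: 0, sent: 0 } if first.nil?
  io.seek(first)
  body = io.read(last - first + 1)
  { status: 206, peak_bytes: body.bytesize, sent: body.bytesize }
end

# Hardened pattern: walk the same range in fixed-size chunks, handing each
# piece to the caller (e.g. a response stream) before reading the next.
# Peak memory is bounded by CHUNK regardless of the requested range.
CHUNK = 64 * 1024
def serve_range_streamed(io, size, header, chunk: CHUNK)
  first, last = parse_byte_range(header, size)
  return { status: 416, peak_bytes: 0, sent: 0 } if first.nil?
  io.seek(first)
  remaining = last - first + 1
  peak = 0
  sent = 0
  while remaining > 0
    piece = io.read([chunk, remaining].min)
    break if piece.nil?
    yield piece if block_given?
    peak = [peak, piece.bytesize].max
    sent += piece.bytesize
    remaining -= piece.bytesize
  end
  { status: 206, peak_bytes: peak, sent: sent }
end

if __FILE__ == $PROGRAM_NAME
  header = "bytes=0-"
  puts "buffered: #{serve_range_buffered(sample_blob, SAMPLE_SIZE, header)}"
  puts "streamed: #{serve_range_streamed(sample_blob, SAMPLE_SIZE, header)}"
end
```

Running the script shows both paths return the same 206 response and the same number of bytes, but the buffered path peaks at 1,048,576 bytes of live buffer while the streamed path never holds more than 65,536 bytes at once. When triaging an application, the question to ask is not whether `Range` is accepted but how many bytes of the satisfied range are resident at once; a server that forwards `bytes=0-` straight into a single `read` is exhibiting the pattern this advisory describes.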
Exploit
Fix
DoS
Affected Products
Rails
Red Os