Red Hat: CVE-2023-27530: Denial of service in Multipart MIME parsing (Multiple Advisories)

Red Hat: CVE-2023-27530: Denial of service in Multipart MIME parsing (Multiple Advisories)

Severity

8

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

03/10/2023

Created

05/05/2023

Added

04/26/2023

Modified

01/28/2025

Description

A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.

Solution(s)

• redhat-upgrade-pcs
• redhat-upgrade-pcs-snmp

References

• CVE-2023-27530
• RHSA-2023:1961
• RHSA-2023:1981
• RHSA-2023:2652
• RHSA-2023:3082
• RHSA-2023:3403