Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
Typedeb
Namespacedebian
Nameruby-rack
Version3.1.18-1~deb13u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.1.18-1
Latest_non_vulnerable_version3.2.6-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2zdv-mr4w-zkfg
vulnerability_id VCID-2zdv-mr4w-zkfg
summary rubygem-rack: Improper handling of headers in `Rack::Sendfile` may allow proxy bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61780.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61780.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61780
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01466
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61780
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61780
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:34:55Z/
url https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784
6
reference_url https://github.com/rack/rack/commit/7e69f65eefe9cd2868df9f9f3b0977b86f93523a
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:34:55Z/
url https://github.com/rack/rack/commit/7e69f65eefe9cd2868df9f9f3b0977b86f93523a
7
reference_url https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:34:55Z/
url https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85
8
reference_url https://github.com/rack/rack/security/advisories/GHSA-r657-rxjc-j557
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements
1
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:34:55Z/
url https://github.com/rack/rack/security/advisories/GHSA-r657-rxjc-j557
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61780.yml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61780.yml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61780
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61780
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117855
reference_id 1117855
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117855
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403126
reference_id 2403126
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403126
13
reference_url https://github.com/advisories/GHSA-r657-rxjc-j557
reference_id GHSA-r657-rxjc-j557
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r657-rxjc-j557
14
reference_url https://usn.ubuntu.com/7960-1/
reference_id USN-7960-1
reference_type
scores
url https://usn.ubuntu.com/7960-1/
fixed_packages
0
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie
6
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-61780, GHSA-r657-rxjc-j557
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zdv-mr4w-zkfg
1
url VCID-8kwp-wuv8-gqf8
vulnerability_id VCID-8kwp-wuv8-gqf8
summary rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61919.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61919.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61919
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.51764
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61919
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61919
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:48:10Z/
url https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881
6
reference_url https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:48:10Z/
url https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db
7
reference_url https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:48:10Z/
url https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f
8
reference_url https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-10T20:48:10Z/
url https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61919.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61919.yml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61919
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61919
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117856
reference_id 1117856
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117856
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403180
reference_id 2403180
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403180
13
reference_url https://github.com/advisories/GHSA-6xw4-3v39-52mm
reference_id GHSA-6xw4-3v39-52mm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xw4-3v39-52mm
14
reference_url https://access.redhat.com/errata/RHSA-2025:19512
reference_id RHSA-2025:19512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19512
15
reference_url https://access.redhat.com/errata/RHSA-2025:19513
reference_id RHSA-2025:19513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19513
16
reference_url https://access.redhat.com/errata/RHSA-2025:19647
reference_id RHSA-2025:19647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19647
17
reference_url https://access.redhat.com/errata/RHSA-2025:19719
reference_id RHSA-2025:19719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19719
18
reference_url https://access.redhat.com/errata/RHSA-2025:19733
reference_id RHSA-2025:19733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19733
19
reference_url https://access.redhat.com/errata/RHSA-2025:19734
reference_id RHSA-2025:19734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19734
20
reference_url https://access.redhat.com/errata/RHSA-2025:19736
reference_id RHSA-2025:19736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19736
21
reference_url https://access.redhat.com/errata/RHSA-2025:19800
reference_id RHSA-2025:19800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19800
22
reference_url https://access.redhat.com/errata/RHSA-2025:19832
reference_id RHSA-2025:19832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19832
23
reference_url https://access.redhat.com/errata/RHSA-2025:19855
reference_id RHSA-2025:19855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19855
24
reference_url https://access.redhat.com/errata/RHSA-2025:19856
reference_id RHSA-2025:19856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19856
25
reference_url https://access.redhat.com/errata/RHSA-2025:19948
reference_id RHSA-2025:19948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19948
26
reference_url https://access.redhat.com/errata/RHSA-2025:20962
reference_id RHSA-2025:20962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20962
27
reference_url https://access.redhat.com/errata/RHSA-2025:21036
reference_id RHSA-2025:21036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21036
28
reference_url https://access.redhat.com/errata/RHSA-2025:21696
reference_id RHSA-2025:21696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21696
29
reference_url https://usn.ubuntu.com/7960-1/
reference_id USN-7960-1
reference_type
scores
url https://usn.ubuntu.com/7960-1/
fixed_packages
0
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie
6
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-61919, GHSA-6xw4-3v39-52mm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kwp-wuv8-gqf8
2
url VCID-9dqs-zbmn-b7e4
vulnerability_id VCID-9dqs-zbmn-b7e4
summary rack: Rack memory exhaustion denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61772.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61772.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61772
reference_id
reference_type
scores
0
value 0.00324
scoring_system epss
scoring_elements 0.55636
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61772
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61772
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61772
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:19Z/
url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
6
reference_url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:19Z/
url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
7
reference_url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:19Z/
url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
8
reference_url https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:19Z/
url https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61772.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61772.yml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61772
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61772
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117627
reference_id 1117627
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117627
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402200
reference_id 2402200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2402200
13
reference_url https://github.com/advisories/GHSA-wpv5-97wm-hp9c
reference_id GHSA-wpv5-97wm-hp9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wpv5-97wm-hp9c
14
reference_url https://access.redhat.com/errata/RHSA-2025:19512
reference_id RHSA-2025:19512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19512
15
reference_url https://access.redhat.com/errata/RHSA-2025:19513
reference_id RHSA-2025:19513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19513
16
reference_url https://access.redhat.com/errata/RHSA-2025:19647
reference_id RHSA-2025:19647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19647
17
reference_url https://access.redhat.com/errata/RHSA-2025:19719
reference_id RHSA-2025:19719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19719
18
reference_url https://access.redhat.com/errata/RHSA-2025:19733
reference_id RHSA-2025:19733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19733
19
reference_url https://access.redhat.com/errata/RHSA-2025:19734
reference_id RHSA-2025:19734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19734
20
reference_url https://access.redhat.com/errata/RHSA-2025:19736
reference_id RHSA-2025:19736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19736
21
reference_url https://access.redhat.com/errata/RHSA-2025:19800
reference_id RHSA-2025:19800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19800
22
reference_url https://access.redhat.com/errata/RHSA-2025:19948
reference_id RHSA-2025:19948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19948
23
reference_url https://access.redhat.com/errata/RHSA-2025:20962
reference_id RHSA-2025:20962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20962
24
reference_url https://access.redhat.com/errata/RHSA-2025:21036
reference_id RHSA-2025:21036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21036
25
reference_url https://usn.ubuntu.com/7960-1/
reference_id USN-7960-1
reference_type
scores
url https://usn.ubuntu.com/7960-1/
fixed_packages
0
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie
6
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-61772, GHSA-wpv5-97wm-hp9c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9dqs-zbmn-b7e4
3
url VCID-dzhg-3hy9-w3gv
vulnerability_id VCID-dzhg-3hy9-w3gv
summary rack: Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61771.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61771
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.2864
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61771
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61771
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:58Z/
url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
6
reference_url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:58Z/
url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
7
reference_url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:58Z/
url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
8
reference_url https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T17:51:58Z/
url https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61771.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61771.yml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61771
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61771
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117628
reference_id 1117628
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117628
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402175
reference_id 2402175
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2402175
13
reference_url https://github.com/advisories/GHSA-w9pc-fmgc-vxvw
reference_id GHSA-w9pc-fmgc-vxvw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9pc-fmgc-vxvw
14
reference_url https://access.redhat.com/errata/RHSA-2025:19512
reference_id RHSA-2025:19512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19512
15
reference_url https://access.redhat.com/errata/RHSA-2025:19513
reference_id RHSA-2025:19513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19513
16
reference_url https://access.redhat.com/errata/RHSA-2025:19647
reference_id RHSA-2025:19647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19647
17
reference_url https://access.redhat.com/errata/RHSA-2025:19719
reference_id RHSA-2025:19719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19719
18
reference_url https://access.redhat.com/errata/RHSA-2025:19734
reference_id RHSA-2025:19734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19734
19
reference_url https://access.redhat.com/errata/RHSA-2025:19800
reference_id RHSA-2025:19800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19800
20
reference_url https://access.redhat.com/errata/RHSA-2025:19948
reference_id RHSA-2025:19948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19948
21
reference_url https://access.redhat.com/errata/RHSA-2025:20962
reference_id RHSA-2025:20962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20962
22
reference_url https://access.redhat.com/errata/RHSA-2025:21036
reference_id RHSA-2025:21036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21036
23
reference_url https://access.redhat.com/errata/RHSA-2025:21696
reference_id RHSA-2025:21696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21696
24
reference_url https://usn.ubuntu.com/7960-1/
reference_id USN-7960-1
reference_type
scores
url https://usn.ubuntu.com/7960-1/
fixed_packages
0
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie
6
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-61771, GHSA-w9pc-fmgc-vxvw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzhg-3hy9-w3gv
4
url VCID-juuh-9psh-yyar
vulnerability_id VCID-juuh-9psh-yyar
summary rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61770.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61770.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61770
reference_id
reference_type
scores
0
value 0.00266
scoring_system epss
scoring_elements 0.5021
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61770
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61770
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61770
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
5
reference_url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T15:23:07Z/
url https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e
6
reference_url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T15:23:07Z/
url https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e
7
reference_url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T15:23:07Z/
url https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd
8
reference_url https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-07T15:23:07Z/
url https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61770.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61770.yml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61770
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61770
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117627
reference_id 1117627
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117627
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402174
reference_id 2402174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2402174
13
reference_url https://github.com/advisories/GHSA-p543-xpfm-54cp
reference_id GHSA-p543-xpfm-54cp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p543-xpfm-54cp
14
reference_url https://access.redhat.com/errata/RHSA-2025:19512
reference_id RHSA-2025:19512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19512
15
reference_url https://access.redhat.com/errata/RHSA-2025:19513
reference_id RHSA-2025:19513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19513
16
reference_url https://access.redhat.com/errata/RHSA-2025:19647
reference_id RHSA-2025:19647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19647
17
reference_url https://access.redhat.com/errata/RHSA-2025:19719
reference_id RHSA-2025:19719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19719
18
reference_url https://access.redhat.com/errata/RHSA-2025:19733
reference_id RHSA-2025:19733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19733
19
reference_url https://access.redhat.com/errata/RHSA-2025:19734
reference_id RHSA-2025:19734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19734
20
reference_url https://access.redhat.com/errata/RHSA-2025:19736
reference_id RHSA-2025:19736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19736
21
reference_url https://access.redhat.com/errata/RHSA-2025:19800
reference_id RHSA-2025:19800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19800
22
reference_url https://access.redhat.com/errata/RHSA-2025:19948
reference_id RHSA-2025:19948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19948
23
reference_url https://access.redhat.com/errata/RHSA-2025:20962
reference_id RHSA-2025:20962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20962
24
reference_url https://access.redhat.com/errata/RHSA-2025:21036
reference_id RHSA-2025:21036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21036
25
reference_url https://access.redhat.com/errata/RHSA-2025:21696
reference_id RHSA-2025:21696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21696
26
reference_url https://usn.ubuntu.com/7960-1/
reference_id USN-7960-1
reference_type
scores
url https://usn.ubuntu.com/7960-1/
fixed_packages
0
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ruby-rack@2.2.22-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.22-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie
6
url pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ruby-rack@3.1.20-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pt2-23bn-7qev
1
vulnerability VCID-21pz-m7dy-8bey
2
vulnerability VCID-3bh7-vrvj-p3g1
3
vulnerability VCID-6hht-91zy-fqdf
4
vulnerability VCID-6t6w-vvzt-fqd9
5
vulnerability VCID-7pey-8xge-1fbz
6
vulnerability VCID-8rbg-wrmj-1bcu
7
vulnerability VCID-dchf-rhvg-zycw
8
vulnerability VCID-j3e9-y38h-xbbu
9
vulnerability VCID-mftr-ma4j-mbhy
10
vulnerability VCID-tzca-xm43-xugs
11
vulnerability VCID-vch5-2deq-euaq
12
vulnerability VCID-x316-jquh-63ek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.20-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
purl pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie
aliases CVE-2025-61770, GHSA-p543-xpfm-54cp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-juuh-9psh-yyar
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie