VulnerableCode Package Details - pkg:rpm/redhat/pcs@0.11.4-7?arch=el9

Search for packages

Vulnerability	Summary	Fixed by
VCID-fpg2-nhey-rkcc Aliases: CVE-2023-27530 GHSA-3h57-hmj3-gj3p GMS-2023-663	Rack has possible DoS Vulnerability in Multipart MIME parsing There is a possible DoS vulnerability in the Multipart MIME parsing code in Rack. This vulnerability has been assigned the CVE identifier CVE-2023-27530. Versions Affected: All. Not affected: None Fixed Versions: 3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3 # Impact The Multipart MIME parsing code in Rack limits the number of file parts, but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than expected. All users running an affected release should either upgrade or use one of the workarounds immediately. # Workarounds A proxy can be configured to limit the POST body size which will mitigate this issue.	There are no reported fixed by versions.
VCID-smqk-wkpq-c7ch Aliases: CVE-2023-2319	pcs: webpack: Regression of CVE-2023-28154 fixes in the Red Hat Enterprise Linux	There are no reported fixed by versions.
VCID-xkah-9nv9-wufd Aliases: CVE-2023-27539 GHSA-c6qg-cjj8-47qp GMS-2023-769	Possible Denial of Service Vulnerability in Rack’s header parsing There is a denial of service vulnerability in the header parsing component of Rack. Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack (virtually all Rails applications) are impacted. Workarounds Setting `Regexp.timeout` in Ruby 3.2 is a possible workaround.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-fpg2-nhey-rkcc
Aliases:
CVE-2023-27530
GHSA-3h57-hmj3-gj3p
GMS-2023-663

Rack has possible DoS Vulnerability in Multipart MIME parsing There is a possible DoS vulnerability in the Multipart MIME parsing code in Rack. This vulnerability has been assigned the CVE identifier CVE-2023-27530. Versions Affected: All. Not affected: None Fixed Versions: 3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3 # Impact The Multipart MIME parsing code in Rack limits the number of file parts, but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than expected. All users running an affected release should either upgrade or use one of the workarounds immediately. # Workarounds A proxy can be configured to limit the POST body size which will mitigate this issue.

There are no reported fixed by versions.

VCID-smqk-wkpq-c7ch
Aliases:
CVE-2023-2319

pcs: webpack: Regression of CVE-2023-28154 fixes in the Red Hat Enterprise Linux

There are no reported fixed by versions.

VCID-xkah-9nv9-wufd
Aliases:
CVE-2023-27539
GHSA-c6qg-cjj8-47qp
GMS-2023-769

Possible Denial of Service Vulnerability in Rack’s header parsing There is a denial of service vulnerability in the header parsing component of Rack. Carefully crafted input can cause header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse headers using Rack (virtually all Rails applications) are impacted. Workarounds Setting `Regexp.timeout` in Ruby 3.2 is a possible workaround.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:55:08.658067+00:00	RedHat Importer	Affected by	VCID-fpg2-nhey-rkcc	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27530.json	38.0.0
2026-04-01T13:55:02.539092+00:00	RedHat Importer	Affected by	VCID-xkah-9nv9-wufd	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27539.json	38.0.0
2026-04-01T13:53:56.601919+00:00	RedHat Importer	Affected by	VCID-smqk-wkpq-c7ch	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2319.json	38.0.0