Vulnerability details: VCID-47ja-djzb-2bbw
Vulnerability ID VCID-47ja-djzb-2bbw
Aliases CVE-2025-46727, GHSA-gjh7-p2fx-99vx
Summary Rack has an Unbounded-Parameter DoS in Rack::QueryParser

## Summary

`Rack::QueryParser` parses query strings and `application/x-www-form-urlencoded` bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with extremely large numbers of parameters.

## Details

The vulnerability arises because `Rack::QueryParser` iterates over each `&`-separated key-value pair and adds it to a Hash without enforcing an upper bound on the total number of parameters. This allows an attacker to send a single request containing hundreds of thousands (or more) of parameters, which consumes excessive memory and CPU during parsing.

## Impact

An attacker can trigger denial of service by sending specifically crafted HTTP requests, which can cause memory exhaustion or pin CPU resources, stalling or crashing the Rack server. This results in full service disruption until the affected worker is restarted.

## Mitigation

- Update to a version of Rack that limits the number of parameters parsed, or
- Use middleware to enforce a maximum query string size or parameter count, or
- Employ a reverse proxy (such as Nginx) to limit request sizes and reject oversized query strings or bodies.

Limiting request body sizes and query string lengths at the web server or CDN level is an effective mitigation.
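The middleware mitigation above, as an added example that is not code from Rack or from the advisory: a Rack middleware that counts the `&`-separated pairs in the query string and form body and rejects the request before the application (and so `Rack::QueryParser`) ever expands them into a Hash. It needs no gem, because a Rack middleware is only an object responding to `call(env)`; the class name `ParamCountLimiter`, the `max_params` and `max_body_bytes` options with their 4096 and 1 MiB defaults, the 413 response, and the `limited_status` helper with its constructed sample requests are all assumptions made for this example.

```ruby
require 'stringio'

# Added example, not Rack's own code. Bounds the number of '&'-separated
# parameters a request may carry, checking in O(n) over the raw bytes
# without decoding or storing any pair. Names and defaults are assumptions.
class ParamCountLimiter
  FORM_TYPE = 'application/x-www-form-urlencoded'

  def initialize(app, max_params: 4096, max_body_bytes: 1_048_576)
    @app = app
    @max_params = max_params
    @max_body_bytes = max_body_bytes
  end

  def call(env)
    total = count_pairs(env['QUERY_STRING'].to_s)

    if form_body?(env)
      # Refuse to read a body the client itself declares as oversized.
      declared = env['CONTENT_LENGTH'].to_i
      return reject(413, 'request body too large') if declared > @max_body_bytes

      # Read at most one byte past the limit so an undeclared or lying
      # Content-Length cannot make us buffer an unbounded body.
      body = env['rack.input'].read(@max_body_bytes + 1) || ''
      return reject(413, 'request body too large') if body.bytesize > @max_body_bytes

      # Hand the application a fresh, rewound stream holding the bytes consumed.
      env['rack.input'] = StringIO.new(body)
      total += count_pairs(body)
    end

    return reject(413, 'too many parameters') if total > @max_params

    @app.call(env)
  end

  private

  def form_body?(env)
    env['CONTENT_TYPE'].to_s.downcase.start_with?(FORM_TYPE)
  end

  # Count non-empty '&'-separated segments; empty segments are skipped,
  # matching what the parser would drop anyway.
  def count_pairs(str)
    str.split('&', -1).count { |seg| !seg.empty? }
  end

  def reject(status, message)
    [status, { 'content-type' => 'text/plain' }, ["#{message}\n"]]
  end
end

# Constructed sample requests (no server needed): build a minimal Rack env,
# run it through the limiter in front of a trivial app, and return the status
# together with the body the downstream app actually saw (nil if rejected).
def limited_status(query: '', body: nil, max_params: 3, max_body_bytes: 1024)
  seen = nil
  app = lambda do |env|
    seen = env['rack.input'].read
    [200, { 'content-type' => 'text/plain' }, ["ok\n"]]
  end
  env = {
    'REQUEST_METHOD' => body ? 'POST' : 'GET',
    'QUERY_STRING' => query,
    'rack.input' => StringIO.new(body.to_s)
  }
  if body
    env['CONTENT_TYPE'] = ParamCountLimiter::FORM_TYPE
    env['CONTENT_LENGTH'] = body.bytesize.to_s
  end
  limiter = ParamCountLimiter.new(app, max_params: max_params, max_body_bytes: max_body_bytes)
  status, = limiter.call(env)
  [status, seen]
end

if __FILE__ == $PROGRAM_NAME
  flood = (1..100_000).map { |i| "p#{i}=1" }.join('&')
  p limited_status(query: 'a=1&b=2&c=3')      # [200, ""]
  p limited_status(query: flood)               # [413, nil]
  p limited_status(body: 'a=1&b=2')            # [200, "a=1&b=2"]
end
```

In a real application this sits first in `config.ru` (`use ParamCountLimiter, max_params: 4096`) so it runs ahead of anything that touches `params`; it complements rather than replaces the upgrade, since the patched Rack versions enforce the limit inside the parser itself, and a reverse-proxy body and URI size limit still bounds how many bytes reach Ruby at all.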
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46727.json
epss 0.00808 https://api.first.org/data/v1/epss?cve=CVE-2025-46727
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-gjh7-p2fx-99vx
cvssv3.1 7.5 https://github.com/rack/rack
generic_textual HIGH https://github.com/rack/rack
cvssv3.1 7.5 https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
generic_textual HIGH https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
ssvc Track https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
cvssv3.1 7.5 https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
generic_textual HIGH https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
ssvc Track https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
cvssv3.1 7.5 https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
generic_textual HIGH https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
ssvc Track https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
cvssv3 7.5 https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
cvssv3.1 7.5 https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
cvssv3.1_qr HIGH https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
generic_textual HIGH https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
ssvc Track https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
cvssv3.1 7.5 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-46727.yml
generic_textual HIGH https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-46727.yml
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2025-46727
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2025-46727
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46727.json
https://api.first.org/data/v1/epss?cve=CVE-2025-46727
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46727
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/rack/rack
https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-46727.yml
https://nvd.nist.gov/vuln/detail/CVE-2025-46727
1104927 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104927
2364966 https://bugzilla.redhat.com/show_bug.cgi?id=2364966
GHSA-gjh7-p2fx-99vx https://github.com/advisories/GHSA-gjh7-p2fx-99vx
RHSA-2025:7604 https://access.redhat.com/errata/RHSA-2025:7604
RHSA-2025:7605 https://access.redhat.com/errata/RHSA-2025:7605
RHSA-2025:8254 https://access.redhat.com/errata/RHSA-2025:8254
RHSA-2025:8256 https://access.redhat.com/errata/RHSA-2025:8256
RHSA-2025:8279 https://access.redhat.com/errata/RHSA-2025:8279
RHSA-2025:8288 https://access.redhat.com/errata/RHSA-2025:8288
RHSA-2025:8289 https://access.redhat.com/errata/RHSA-2025:8289
RHSA-2025:8290 https://access.redhat.com/errata/RHSA-2025:8290
RHSA-2025:8291 https://access.redhat.com/errata/RHSA-2025:8291
RHSA-2025:8319 https://access.redhat.com/errata/RHSA-2025:8319
RHSA-2025:8322 https://access.redhat.com/errata/RHSA-2025:8322
RHSA-2025:8323 https://access.redhat.com/errata/RHSA-2025:8323
RHSA-2025:9838 https://access.redhat.com/errata/RHSA-2025:9838
USN-7507-1 https://usn.ubuntu.com/7507-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46727.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:00:33Z/ Found at https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:00:33Z/ Found at https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:00:33Z/ Found at https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:00:33Z/ Found at https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-46727.yml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2025-46727
Exploit Prediction Scoring System (EPSS)
Percentile 0.74158
EPSS Score 0.00808
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:57:04.516281+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-gjh7-p2fx-99vx/GHSA-gjh7-p2fx-99vx.json 38.0.0