Vulnerability details: VCID-gdhf-e8q1-kbat
Vulnerability ID VCID-gdhf-e8q1-kbat
Aliases CVE-2025-59830
GHSA-625h-95r8-8xpm
Summary Rack has an unsafe default in Rack::QueryParser that allows a params_limit bypass via semicolon-separated parameters. `Rack::QueryParser` in versions `< 2.2.18` enforces its `params_limit` only for parameters separated by `&`, while still splitting on both `&` and `;`. As a result, attackers could use `;` separators to bypass the parameter count limit and submit more parameters than intended.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59830.json
epss 0.00069 https://api.first.org/data/v1/epss?cve=CVE-2025-59830
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-625h-95r8-8xpm
cvssv3.1 7.5 https://github.com/rack/rack
generic_textual HIGH https://github.com/rack/rack
cvssv3.1 7.5 https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
generic_textual HIGH https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
ssvc Track https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
cvssv3 7.5 https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
cvssv3.1 7.5 https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
cvssv3.1_qr HIGH https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
generic_textual HIGH https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
ssvc Track https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2025-59830
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2025-59830
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59830.json
https://api.first.org/data/v1/epss?cve=CVE-2025-59830
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59830
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/rack/rack
https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
1116431 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116431
2398167 https://bugzilla.redhat.com/show_bug.cgi?id=2398167
CVE-2025-59830 https://nvd.nist.gov/vuln/detail/CVE-2025-59830
GHSA-625h-95r8-8xpm https://github.com/advisories/GHSA-625h-95r8-8xpm
GHSA-625h-95r8-8xpm https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
RHSA-2025:19512 https://access.redhat.com/errata/RHSA-2025:19512
RHSA-2025:19513 https://access.redhat.com/errata/RHSA-2025:19513
RHSA-2025:19647 https://access.redhat.com/errata/RHSA-2025:19647
RHSA-2025:19719 https://access.redhat.com/errata/RHSA-2025:19719
RHSA-2025:19733 https://access.redhat.com/errata/RHSA-2025:19733
RHSA-2025:19734 https://access.redhat.com/errata/RHSA-2025:19734
RHSA-2025:19736 https://access.redhat.com/errata/RHSA-2025:19736
RHSA-2025:19800 https://access.redhat.com/errata/RHSA-2025:19800
RHSA-2025:19832 https://access.redhat.com/errata/RHSA-2025:19832
RHSA-2025:19855 https://access.redhat.com/errata/RHSA-2025:19855
RHSA-2025:19856 https://access.redhat.com/errata/RHSA-2025:19856
RHSA-2025:19948 https://access.redhat.com/errata/RHSA-2025:19948
RHSA-2025:20962 https://access.redhat.com/errata/RHSA-2025:20962
RHSA-2025:21036 https://access.redhat.com/errata/RHSA-2025:21036
USN-7784-1 https://usn.ubuntu.com/7784-1/
USN-7960-1 https://usn.ubuntu.com/7960-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59830.json
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): none; Availability Impact (A): high
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-25T16:14:17Z/ Found at https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-25T16:14:17Z/ Found at https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2025-59830
Exploit Prediction Scoring System (EPSS)
Percentile 0.21337
EPSS Score 0.00069
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:52:55.343332+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rack/CVE-2025-59830.yml 38.0.0