A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.
[
{
"vendor": "n/a",
"product": "https://github.com/rack/rack",
"versions": [
{
"version": "3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3",
"status": "affected"
}
]
}
]