CVE-2023-27539

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-27539

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27539.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-27539

Aliases

GHSA-c6qg-cjj8-47qp

Downstream

DEBIAN-CVE-2023-27539

DLA-3392-1

DSA-5530-1

RHSA-2023:1961

RHSA-2023:1981

RHSA-2023:2652

RHSA-2023:3082

RHSA-2023:3403

RHSA-2023:6818

RLSA-2023:2652

RLSA-2023:3082

RLSA-2023:6818

SUSE-SU-2023:1685-1

SUSE-SU-2023:1869-1

UBUNTU-CVE-2023-27539

USN-6905-1

USN-7036-1

openSUSE-SU-2024:12789-1

openSUSE-SU-2024:12805-1

openSUSE-SU-2024:13726-1

openSUSE-SU-2024:13727-1

openSUSE-SU-2025:14811-1

openSUSE-SU-2025:14875-1

Related

Published

2025-01-09T01:15:07.483Z

Modified

2026-02-10T04:36:53.655409Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

There is a denial of service vulnerability in the header parsing component of Rack.

References

Affected packages

Git / github.com/rack/rack

Affected ranges

Type: GIT
Repo: https://github.com/rack/rack
Events: Introduced

52901caf09ebcda879512a8605059963a49df55d

Fixed

098d8e12c1553411ee198d7890c1fd9f1e8cf979

Fixed

231ef369ad0b542575fb36c74fcfcfabcf6c530c

Introduced

1a408687493175250408fe87c5046bf1adfa6386

Fixed

27addc7f1ae290b6b84c1c351e5b6d75a05bb40b

Fixed

ee7919ea04303717858be1c3f16b406adc6d8cff

Affected versions

2.*

2.0.0

2.0.1

2.1.0

2.2.0

2.2.3

2.2.3.1

2.2.4

3.*

3.0.0

v2.*

v2.2.1

v2.2.2

v2.2.5

v2.2.6

v2.2.6.1

v2.2.6.2

v2.2.6.3

v3.*

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.4.1

v3.0.4.2

v3.0.5

v3.0.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27539.json"