VYPR
Moderate severityNVD Advisory· Published Jul 26, 2015· Updated Jun 17, 2026

CVE-2015-3225

CVE-2015-3225

Description

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
rackRubyGems
>= 1.5.0, < 1.5.41.5.4
rackRubyGems
>= 1.6.0, < 1.6.21.6.2
rackRubyGems
>= 1.4.0, < 1.4.61.4.6

Affected products

23

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.