Rails Active Storage has a possible DoS vulnerability in proxy...

2.3 / 10

LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

Description

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1
Active Storage's proxy controller does not limit the number of byte ranges in an HTTP Range header. A request with thousands of small ranges causes disproportionate CPU usage compared to a normal request for the same file, possibly resulting in a DoS vulnerability. Versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 contain a patch.

Basic Information

ID CVE-2026-33658

Source GitHub_M

Published Mar 26, 2026 at 21:03

Modified Mar 30, 2026 at 11:42

Affected Product

Vendor rails

Product activestorage

Version >= 8.1.0, < 8.1.2.1

Affected Versions rails activestorage >= 8.1.0, < 8.1.2.1
rails activestorage >= 8.0.0, < 8.0.4.1
rails activestorage < 7.2.3.1

CWE Classification

CWE-770

References

{
    "lastseen": "",
    "description": "Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1\nActive Storage's proxy controller does not limit the number of byte ranges in an HTTP Range header. A request with thousands of small ranges causes disproportionate CPU usage compared to a normal request for the same file, possibly resulting in a DoS vulnerability. Versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 contain a patch.",
    "published": "2026-03-26T21:03:25.319Z",
    "modified": "2026-03-30T11:42:24.885Z",
    "type": "cve",
    "title": "Rails Active Storage has a possible DoS vulnerability in proxy mode via multi-range requests",
    "source": "GitHub_M",
    "references": "https://github.com/rails/rails/security/advisories/GHSA-p9fm-f462-ggrg\nhttps://github.com/rails/rails/releases/tag/v7.2.3.1\nhttps://github.com/rails/rails/releases/tag/v8.0.4.1\nhttps://github.com/rails/rails/releases/tag/v8.1.2.1\nhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2026-33658.yml",
    "id": "CVE-2026-33658",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "rails activestorage >= 8.1.0, < 8.1.2.1\nrails activestorage >= 8.0.0, < 8.0.4.1\nrails activestorage < 7.2.3.1",
    "sourceHref": "",
    "cvss": {
        "score": 2.3,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "activestorage",
    "version": ">= 8.1.0, < 8.1.2.1",
    "vendor": "rails",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Rails Active Storage has a possible DoS vulnerability in proxy mode via multi-range requests_CVE-2026-33658