{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-61921", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-10-03T22:21:59.615Z", "datePublished": "2025-10-10T19:28:10.688Z", "dateUpdated": "2025-10-10T20:54:47.627Z"}, "containers": {"cna": {"title": "Sinatra has ReDoS vulnerability in ETag header value generation", "problemTypes": [{"descriptions": [{"cweId": "CWE-1333", "lang": "en", "description": "CWE-1333: Inefficient Regular Expression Complexity", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "version": "4.0"}}], "references": [{"name": "https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q"}, {"name": "https://github.com/sinatra/sinatra/issues/2120", "tags": ["x_refsource_MISC"], "url": "https://github.com/sinatra/sinatra/issues/2120"}, {"name": "https://github.com/sinatra/sinatra/pull/1823", "tags": ["x_refsource_MISC"], "url": "https://github.com/sinatra/sinatra/pull/1823"}, {"name": "https://github.com/sinatra/sinatra/pull/2121", "tags": ["x_refsource_MISC"], "url": "https://github.com/sinatra/sinatra/pull/2121"}, {"name": "https://bugs.ruby-lang.org/issues/19104", "tags": ["x_refsource_MISC"], "url": "https://bugs.ruby-lang.org/issues/19104"}], "affected": [{"vendor": "sinatra", "product": "sinatra", "versions": [{"version": "< 4.2.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-10-10T19:28:10.688Z"}, "descriptions": [{"lang": "en", "value": "Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` method is used when constructing the response. Carefully crafted input can cause `If-Match` and `If-None-Match` header parsing in Sinatra to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically involved in generating the `ETag` header value. Any applications that use the `etag` method when generating a response are impacted. Version 4.2.0 fixes the issue."}], "source": {"advisory": "GHSA-mr3q-g2mv-mr4q", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-10T20:54:24.202335Z", "id": "CVE-2025-61921", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-10T20:54:47.627Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-61921", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-10T20:54:24.202335Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-10T20:54:28.101Z"}}], "cna": {"title": "Sinatra has ReDoS vulnerability in ETag header value generation", "source": {"advisory": "GHSA-mr3q-g2mv-mr4q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "sinatra", "product": "sinatra", "versions": [{"status": "affected", "version": "< 4.2.0"}]}], "references": [{"url": "https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q", "name": "https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/sinatra/sinatra/issues/2120", "name": "https://github.com/sinatra/sinatra/issues/2120", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/sinatra/sinatra/pull/1823", "name": "https://github.com/sinatra/sinatra/pull/1823", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/sinatra/sinatra/pull/2121", "name": "https://github.com/sinatra/sinatra/pull/2121", "tags": ["x_refsource_MISC"]}, {"url": "https://bugs.ruby-lang.org/issues/19104", "name": "https://bugs.ruby-lang.org/issues/19104", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` method is used when constructing the response. Carefully crafted input can cause `If-Match` and `If-None-Match` header parsing in Sinatra to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically involved in generating the `ETag` header value. Any applications that use the `etag` method when generating a response are impacted. Version 4.2.0 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1333", "description": "CWE-1333: Inefficient Regular Expression Complexity"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-10-10T19:28:10.688Z"}}}, "cveMetadata": {"cveId": "CVE-2025-61921", "state": "PUBLISHED", "dateUpdated": "2025-10-10T20:54:47.627Z", "dateReserved": "2025-10-03T22:21:59.615Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-10-10T19:28:10.688Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sinatrarb:sinatra:*:*:*:*:*:*:*:*", "matchCriteriaId": "184922C7-D13C-4EC5-8447-78BC78B5F8C6", "versionEndExcluding": "4.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` method is used when constructing the response. Carefully crafted input can cause `If-Match` and `If-None-Match` header parsing in Sinatra to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically involved in generating the `ETag` header value. Any applications that use the `etag` method when generating a response are impacted. Version 4.2.0 fixes the issue."}], "id": "CVE-2025-61921", "lastModified": "2025-10-31T16:27:16.573", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-10-10T20:15:38.067", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://bugs.ruby-lang.org/issues/19104"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://github.com/sinatra/sinatra/issues/2120"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/sinatra/sinatra/pull/1823"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/sinatra/sinatra/pull/2121"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1333"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "sinatra: Sinatra has ReDoS vulnerability in ETag header value generation", "id": "2403178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403178"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-1333", "details": ["Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` method is used when constructing the response. Carefully crafted input can cause `If-Match` and `If-None-Match` header parsing in Sinatra to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically involved in generating the `ETag` header value. Any applications that use the `etag` method when generating a response are impacted. Version 4.2.0 fixes the issue.", "A flaw was found in Sinatra. A Regular Expression Denial of Service (ReDoS) vulnerability can be triggered when parsing the If-Match and If-None-Match HTTP headers. A remote attacker can exploit this issue by sending a specially crafted header to an application endpoint that uses the etag method, causing a excessive CPU consumption and potentially resulting in a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-61921", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp21/zync", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp22/zync", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp24/zync", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp25/zync", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp26/zync", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/zync-rhel7", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/zync-rhel8", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/zync-rhel9", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-10-10T19:28:10Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-61921\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-61921\nhttps://bugs.ruby-lang.org/issues/19104\nhttps://github.com/sinatra/sinatra/issues/2120\nhttps://github.com/sinatra/sinatra/pull/1823\nhttps://github.com/sinatra/sinatra/pull/2121\nhttps://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q"], "statement": "This flaw can only be exploited in applications using the etag method to generate a response and if they are using Ruby below version 3.2.\nThe most likely security impact of this vulnerability is an unexpected amount of time to parse the If-Match and If-None-Match HTTP headers, potentially resulting in a degraded application performance but not completely deny service to legitimate users. Due to this reason, this flaw has been rated with a moderate severity.", "threat_severity": "Moderate"}

{"created": "2025-10-21T13:14:08.044866+00:00", "updated": "2025-10-21T13:14:08.044891+00:00", "vendors": ["sinatrarb", "sinatrarb$PRODUCT$sinatra"]}