{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/gleam-wisp/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"id":"CVE-2026-32145"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["denial-of-service","multipart-parsing","gleam-wisp"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eAn unauthenticated denial-of-service vulnerability exists in gleam-wisp versions prior to 2.2.2 due to a flaw in the multipart form parsing logic. Specifically, the issue arises from the handling of multipart data within the \u003ccode\u003emultipart_body\u003c/code\u003e and \u003ccode\u003emultipart_headers\u003c/code\u003e functions. The vulnerability stems from the parser\u0026rsquo;s failure to properly decrement the quota when handling chunks that do not contain the multipart boundary, effectively allowing attackers to send arbitrarily large multipart bodies without triggering configured size limits. This results in uncontrolled resource consumption, potentially leading to memory or disk exhaustion. Any application leveraging \u003ccode\u003erequire_form\u003c/code\u003e or \u003ccode\u003erequire_multipart_form\u003c/code\u003e on user-controlled input is susceptible to this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker sends an HTTP request to a wisp-based application that uses \u003ccode\u003erequire_form\u003c/code\u003e or \u003ccode\u003erequire_multipart_form\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe request contains a multipart body crafted to exploit the parsing vulnerability.\u003c/li\u003e\n\u003cli\u003eThe multipart body is split into multiple chunks, none of which (except the last) contain the multipart boundary.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003emultipart_body\u003c/code\u003e or \u003ccode\u003emultipart_headers\u003c/code\u003e functions in wisp process the initial chunks.\u003c/li\u003e\n\u003cli\u003eThe parser recurses due to the \u003ccode\u003eMoreRequiredForBody\u003c/code\u003e or \u003ccode\u003eMoreRequiredForHeaders\u003c/code\u003e branch being triggered, but it does not decrement the quota.\u003c/li\u003e\n\u003cli\u003eThe server accumulates the data from these chunks in memory (for form fields) or on disk (for file uploads).\u003c/li\u003e\n\u003cli\u003eThe final chunk, containing the boundary, is processed, and only its size is accounted for in the quota.\u003c/li\u003e\n\u003cli\u003eThe accumulated data exceeds available memory or disk space, causing a denial of service, application crash, or system termination.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis vulnerability can lead to a denial-of-service condition. Successful exploitation allows an unauthenticated attacker to exhaust server resources, rendering the application unavailable. The impact includes potential memory exhaustion or disk exhaustion, leading to application crashes or termination by the operating system. The number of potential victims depends on the adoption of the vulnerable gleam-wisp library.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the fix by upgrading to wisp version 2.2.2 or later to remediate CVE-2026-32145.\u003c/li\u003e\n\u003cli\u003eDeploy a reverse proxy (such as nginx or HAProxy) in front of the application and enforce request body size limits as a workaround to mitigate the vulnerability.\u003c/li\u003e\n\u003cli\u003eImplement monitoring for excessive memory or disk usage by wisp-based applications to detect potential exploitation attempts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-03T03:40:30Z","date_published":"2026-04-03T03:40:30Z","id":"/briefs/2026-04-wisp-multipart-dos/","summary":"A vulnerability in the multipart parsing logic of gleam-wisp allows an unauthenticated attacker to bypass request size limits and cause a denial of service by exhausting server memory or disk.","title":"Wisp Multipart Parsing Vulnerability Leads to Denial of Service","url":"https://feed.craftedsignal.io/briefs/2026-04-wisp-multipart-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Gleam-Wisp","version":"https://jsonfeed.org/version/1.1"}