CVE-2022-44571 – rubygem-rack: denial of service in Content-Disposition parsing
https://notcve.org/view.php?id=CVE-2022-44571
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted. A flaw was found in rubygem-rack. • https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126 https://security.netapp.com/advisory/ntap-20231208-0013 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-44571 https://bugzilla.redhat.com/show_bug.cgi?id=2164714 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVE-2022-44570 – rubygem-rack: denial of service in Content-Disposition parsing
https://notcve.org/view.php?id=CVE-2022-44570
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted. A flaw was found in rubygem-rack. Rack is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the Rack::Utils.get_byte_ranges function. • https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125 https://security.netapp.com/advisory/ntap-20231208-0010 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-44570 https://bugzilla.redhat.com/show_bug.cgi?id=2164719 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVE-2022-30123 – rubygem-rack: crafted requests can cause shell escape sequences
https://notcve.org/view.php?id=CVE-2022-30123
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack. Existe una vulnerabilidad de inyección de secuencia en Rack <2.0.9.1, <2.1.4.1 y <2.2.3.1 que podría permitir un posible escape de shell en los componentes Lint y CommonLogger de Rack. A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. • https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728 https://security.gentoo.org/glsa/202310-18 https://security.netapp.com/advisory/ntap-20231208-0011 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-30123 https://bugzilla.redhat.com/show_bug.cgi?id=2099524 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences CWE-179: Incorrect Behavior Order: Early Validation •
CVE-2022-30122 – rubygem-rack: crafted multipart POST request may cause a DoS
https://notcve.org/view.php?id=CVE-2022-30122
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack. Existe una posible vulnerabilidad de Denegación de Servicio (DoS) en Rack <2.0.9.1, <2.1.4.1 y <2.2.3.1 en el componente de análisis multiparte de Rack. A denial of service flaw was found in ruby-rack. An attacker crafting multipart POST requests can cause Rack's multipart parser to take much longer than expected, leading to a denial of service. • https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729 https://security.gentoo.org/glsa/202310-18 https://security.netapp.com/advisory/ntap-20231208-0012 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-30122 https://bugzilla.redhat.com/show_bug.cgi?id=2099519 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling CWE-1333: Inefficient Regular Expression Complexity •
CVE-2020-8161 – rubygem-rack: directory traversal in Rack::Directory
https://notcve.org/view.php?id=CVE-2020-8161
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. Se presenta una vulnerabilidad de salto de directorio en rack versiones anteriores a 2.2.0, que permite a un atacante realizar una vulnerabilidad de salto de directorio en la aplicación Rack::Directory que esta incorporada con Rack, lo que podría resultar en una divulgación de información A directory traversal vulnerability was found in the Rack::Directory app that is bundled with Rack. If certain directories exist in a director managed by the Rack::Directory, this flaw allows an attacker to read the contents of files on the server outside of the root specified in the Rack::Directory initializer. The highest threat from this vulnerability is to confidentiality. • https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA https://hackerone.com/reports/434404 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html https://usn.ubuntu.com/4561-1 https://access.redhat.com/security/cve/CVE-2020-8161 https://bugzilla.redhat.com/show_bug.cgi?id=1838281 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-548: Exposure of Information Through Directory Listing •