CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26141 – Possible DoS Vulnerability with Range Header in Rack
https://notcve.org/view.php?id=CVE-2024-26141
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1. • https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944 https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9 https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html https://security.netapp.com/advisory/ntap-2024051 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25126 – Rack ReDos in content type parsing (2nd degree polynomial)
https://notcve.org/view.php?id=CVE-2024-25126
Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1. Rack es una interfaz modular de servidor web Ruby. Los encabezados de tipo de contenido cuidadosamente elaborados pueden hacer que el analizador de tipo de medios de Rack demore mucho más de lo esperado, lo que lleva a una posible vulnerabilidad de denegación de servicio (polinomio de segundo grado de ReDos). • https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 https://github.com/rack/rack/commit/6efb2ceea003c4b195815a614e00438cbd543462 https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49 https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-25126.yml https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html https://security.netapp.com/advisory/ntap • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-27530 – rubygem-rack: Denial of service in Multipart MIME parsing
https://notcve.org/view.php?id=CVE-2023-27530
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected. A flaw was found in rubygem-rack. This issue occurs in the Multipart MIME parsing code in Rack, which limits the number of file parts but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than expected, resulting in a denial of service. • https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388 https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html https://security.netapp.com/advisory/ntap-20231208-0015 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2023-27530 https://bugzilla.redhat.com/show_bug.cgi?id=2176477 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-44572 – rubygem-rack: denial of service in Content-Disposition parsing
https://notcve.org/view.php?id=CVE-2022-44572
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted. A flaw was found in rubygem-rack. Rack is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the multipart parsing component. By sending a specially-crafted input, a remote attacker can cause a denial of service. • https://hackerone.com/reports/1639882 https://security.netapp.com/advisory/ntap-20231208-0014 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-44572 https://bugzilla.redhat.com/show_bug.cgi?id=2164722 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30123 – rubygem-rack: crafted requests can cause shell escape sequences
https://notcve.org/view.php?id=CVE-2022-30123
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack. Existe una vulnerabilidad de inyección de secuencia en Rack <2.0.9.1, <2.1.4.1 y <2.2.3.1 que podría permitir un posible escape de shell en los componentes Lint y CommonLogger de Rack. A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. • https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728 https://security.gentoo.org/glsa/202310-18 https://security.netapp.com/advisory/ntap-20231208-0011 https://www.debian.org/security/2023/dsa-5530 https://access.redhat.com/security/cve/CVE-2022-30123 https://bugzilla.redhat.com/show_bug.cgi?id=2099524 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences CWE-179: Incorrect Behavior Order: Early Validation •