CVE-2022-44571

rubygem-rack: denial of service in Content-Disposition parsing

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

NVD
RedHat

There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.

A flaw was found in rubygem-rack. Rack is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the multipart parser. By sending a specially-crafted regex input, a remote attacker can cause a denial of service.

*Credits: N/A

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-11-01 CVE Reserved
2023-02-09 CVE Published
2024-08-03 CVE Updated
2024-09-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption
CWE-1333: Inefficient Regular Expression Complexity

CAPEC

References (5)

URL	Tag	Source
https://security.netapp.com/advisory/ntap-20231208-0013

URL	Date	SRC

URL	Date	SRC
https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126	2023-12-08

URL	Date	SRC
https://www.debian.org/security/2023/dsa-5530	2023-12-08
https://access.redhat.com/security/cve/CVE-2022-44571	2023-11-08
https://bugzilla.redhat.com/show_bug.cgi?id=2164714	2023-11-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Rack Project Search vendor "Rack Project"		Rack Search vendor "Rack Project" for product "Rack"				>= 2.0.0 < 2.0.9.2 Search vendor "Rack Project" for product "Rack" and version " >= 2.0.0 < 2.0.9.2"		ruby		Affected
Rack Project Search vendor "Rack Project"		Rack Search vendor "Rack Project" for product "Rack"				>= 2.1.0 < 2.1.4.2 Search vendor "Rack Project" for product "Rack" and version " >= 2.1.0 < 2.1.4.2"		ruby		Affected
Rack Project Search vendor "Rack Project"		Rack Search vendor "Rack Project" for product "Rack"				>= 2.2.0 < 2.2.6.1 Search vendor "Rack Project" for product "Rack" and version " >= 2.2.0 < 2.2.6.1"		ruby		Affected
Rack Project Search vendor "Rack Project"		Rack Search vendor "Rack Project" for product "Rack"				>= 3.0.0.0 < 3.0.4.1 Search vendor "Rack Project" for product "Rack" and version " >= 3.0.0.0 < 3.0.4.1"		ruby		Affected