Search criteria
54 vulnerabilities found for rack by rack_project
FKIE_CVE-2023-27530
Vulnerability from fkie_nvd - Published: 2023-03-10 22:15 - Updated: 2025-02-13 15:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "C1EDB027-19EA-4F3A-A3A1-46E03D679C7C",
"versionEndExcluding": "2.0.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "8ECC0192-9B71-4425-AE18-EDE8A7488392",
"versionEndExcluding": "2.1.4.3",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "FCBE71F2-9736-4E4D-8A71-2D1FF559A9F1",
"versionEndExcluding": "2.2.6.3",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "33317DE1-F0A7-4DB2-9F7C-20084C9035BD",
"versionEndExcluding": "3.0.4.2",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected."
}
],
"id": "CVE-2023-27530",
"lastModified": "2025-02-13T15:37:40.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-10T22:15:10.497",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-44572
Vulnerability from fkie_nvd - Published: 2023-02-09 20:15 - Updated: 2025-02-13 15:37
Severity ?
Summary
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "4726EA3A-2F00-4BE6-A0D5-1DCDF9E93CC7",
"versionEndExcluding": "2.0.9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "88472664-E928-4495-B5F3-48791F54AA0F",
"versionEndExcluding": "2.1.4.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "68D93C0C-48AF-42AF-91C0-5E38C7FD73FE",
"versionEndExcluding": "2.2.4.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted."
}
],
"id": "CVE-2022-44572",
"lastModified": "2025-02-13T15:37:40.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-09T20:15:11.220",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1639882"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
},
{
"source": "support@hackerone.com",
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1639882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-44570
Vulnerability from fkie_nvd - Published: 2023-02-09 20:15 - Updated: 2025-02-13 15:37
Severity ?
Summary
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "9BA75CAC-3827-43F4-BB00-E53CF292C99B",
"versionEndExcluding": "2.0.9.2",
"versionStartIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "88472664-E928-4495-B5F3-48791F54AA0F",
"versionEndExcluding": "2.1.4.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "D64B9931-BE5C-4284-8233-7572FB46B296",
"versionEndExcluding": "2.2.6.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "523AAE89-E040-4954-BDAF-9D738E44D02B",
"versionEndExcluding": "3.0.4.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the Range header parsing component of Rack \u003e= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted."
}
],
"id": "CVE-2022-44570",
"lastModified": "2025-02-13T15:37:40.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-09T20:15:11.090",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
},
{
"source": "support@hackerone.com",
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-44571
Vulnerability from fkie_nvd - Published: 2023-02-09 20:15 - Updated: 2025-02-13 15:37
Severity ?
Summary
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "0FFB3E60-D2AF-42BC-9C54-4542F15FB5BC",
"versionEndExcluding": "2.0.9.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "88472664-E928-4495-B5F3-48791F54AA0F",
"versionEndExcluding": "2.1.4.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "D64B9931-BE5C-4284-8233-7572FB46B296",
"versionEndExcluding": "2.2.6.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "EFDFB2FB-F5BF-4138-AE0E-358E1D1424FB",
"versionEndExcluding": "3.0.4.1",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
],
"id": "CVE-2022-44571",
"lastModified": "2025-02-13T15:37:40.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-09T20:15:11.153",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
},
{
"source": "support@hackerone.com",
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-30123
Vulnerability from fkie_nvd - Published: 2022-12-05 22:15 - Updated: 2024-11-21 07:02
Severity ?
Summary
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | * | |
| rack_project | rack | * | |
| rack_project | rack | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47D52179-BB26-40C6-95F0-4466A962CF91",
"versionEndExcluding": "2.0.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E774AF-E7BB-45EB-B5E4-66F8F5D36285",
"versionEndExcluding": "2.1.4.1",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6145EE1D-85D5-4744-BA51-88EC52FF2891",
"versionEndExcluding": "2.2.3.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sequence injection vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de secuencia en Rack \u0026lt;2.0.9.1, \u0026lt;2.1.4.1 y \u0026lt;2.2.3.1 que podr\u00eda permitir un posible escape de shell en los componentes Lint y CommonLogger de Rack."
}
],
"id": "CVE-2022-30123",
"lastModified": "2024-11-21T07:02:12.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T22:15:10.280",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-150"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-30122
Vulnerability from fkie_nvd - Published: 2022-12-05 22:15 - Updated: 2024-11-21 07:02
Severity ?
Summary
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | * | |
| rack_project | rack | * | |
| rack_project | rack | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442EB5AF-A390-4A62-8B4E-8A2C082864D3",
"versionEndExcluding": "2.0.9.1",
"versionStartIncluding": "1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E774AF-E7BB-45EB-B5E4-66F8F5D36285",
"versionEndExcluding": "2.1.4.1",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6145EE1D-85D5-4744-BA51-88EC52FF2891",
"versionEndExcluding": "2.2.3.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A possible denial of service vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 in the multipart parsing component of Rack."
},
{
"lang": "es",
"value": "Existe una posible vulnerabilidad de Denegaci\u00f3n de Servicio (DoS) en Rack \u0026lt;2.0.9.1, \u0026lt;2.1.4.1 y \u0026lt;2.2.3.1 en el componente de an\u00e1lisis multiparte de Rack."
}
],
"id": "CVE-2022-30122",
"lastModified": "2024-11-21T07:02:12.160",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T22:15:10.227",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-8161
Vulnerability from fkie_nvd - Published: 2020-07-02 19:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 18.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBE1B06-8C22-47E1-A785-3394770349DB",
"versionEndExcluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in rack \u003c 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de salto de directorio en rack versiones anteriores a 2.2.0, que permite a un atacante realizar una vulnerabilidad de salto de directorio en la aplicaci\u00f3n Rack::Directory que esta incorporada con Rack, lo que podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-8161",
"lastModified": "2024-11-21T05:38:24.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-02T19:15:12.357",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"source": "support@hackerone.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/434404"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/434404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-548"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-8184
Vulnerability from fkie_nvd - Published: 2020-06-19 17:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | * | |
| rack_project | rack | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 18.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2DAF3B-ED2C-45BC-A171-90CDF9FAFB5F",
"versionEndExcluding": "2.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF24106-652B-4267-A9C1-16B2C4182031",
"versionEndExcluding": "2.2.3",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reliance on cookies without validation/integrity check security vulnerability exists in rack \u003c 2.2.3, rack \u003c 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix."
},
{
"lang": "es",
"value": "Se presenta una dependencia de las cookies sin vulnerabilidad de seguridad de control de validaci\u00f3n e integridad en rack versiones anteriores a 2.2.3, rack versiones anteriores a 2.1.4, que hace posible a un atacante forjar un prefijo de cookie seguro o solo de host"
}
],
"id": "CVE-2020-8184",
"lastModified": "2024-11-21T05:38:27.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-19T17:15:18.757",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/895727"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/895727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-784"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-16782
Vulnerability from fkie_nvd - Published: 2019-12-18 20:15 - Updated: 2025-02-13 15:37
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "D920538B-B12B-4CB6-B04C-4ED0122B1ACE",
"versionEndExcluding": "1.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "75BDB863-165A-4446-855E-25243469A538",
"versionEndExcluding": "2.0.8",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There\u0027s a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."
},
{
"lang": "es",
"value": "Se presenta una posible vulnerabilidad de fuga de informaci\u00f3n y secuestro de sesi\u00f3n en Rack (rack RubyGem). Esta vulnerabilidad est\u00e1 parchada en las versiones 1.6.12 y 2.0.8. Los atacantes pueden ser capaces de encontrar y secuestrar sesiones utilizando ataques de sincronizaci\u00f3n dirigidos al id de sesi\u00f3n. Los id de sesi\u00f3n com\u00fanmente son almacenados e indexados a una base de datos que utiliza alg\u00fan tipo de esquema para acelerar las b\u00fasquedas de ese identificador de sesi\u00f3n. Al medir cuidadosamente la cantidad de tiempo que toma buscar una sesi\u00f3n, un atacante puede encontrar un id de sesi\u00f3n v\u00e1lida y secuestrar la sesi\u00f3n. El id de sesi\u00f3n en s\u00ed puede ser generado aleatoriamente, pero la forma en que es indexada la sesi\u00f3n por parte del almac\u00e9n de respaldo no utiliza una comparaci\u00f3n segura."
}
],
"id": "CVE-2019-16782",
"lastModified": "2025-02-13T15:37:40.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-18T20:15:16.180",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-208"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-16471
Vulnerability from fkie_nvd - Published: 2018-11-13 23:29 - Updated: 2024-11-21 03:52
Severity ?
Summary
There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | * | |
| rack_project | rack | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88141B61-D802-4C96-B46D-92A2D808A528",
"versionEndExcluding": "1.6.11",
"versionStartIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "854E2437-A12B-4B29-9786-C78DF3204A61",
"versionEndExcluding": "2.0.6",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to \u0027http\u0027 or \u0027https\u0027 and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable."
},
{
"lang": "es",
"value": "Hay una posible vulnerabilidad Cross-Site Scripting (XSS) en Rack en versiones anteriores a la 2.0.6 y la 1.6.11. Las peticiones cuidadosamente manipuladas pueden provocar un impacto en los datos devueltos por el m\u00e9todo \"scheme\" en \"Rack::Request\". Las aplicaciones que esperan que el esquema est\u00e9 limitado a \"http\" o \"https\" y que no escapan el valor de retorno podr\u00edan ser vulnerables a un ataque Cross-Site Scripting (XSS). N\u00f3tese que las aplicaciones que emplean los mecanismos de escape normales proporcionados por Rails podr\u00edan no haberse visto impactados, pero las aplicaciones que omiten los mecanismos de escape o que no los emplean podr\u00edan ser vulnerables."
}
],
"id": "CVE-2018-16471",
"lastModified": "2024-11-21T03:52:49.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-13T23:29:00.310",
"references": [
{
"source": "support@hackerone.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html"
},
{
"source": "support@hackerone.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"source": "support@hackerone.com",
"url": "https://groups.google.com/forum/#%21topic/rubyonrails-security/GKsAFT924Ag"
},
{
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html"
},
{
"source": "support@hackerone.com",
"url": "https://usn.ubuntu.com/4089-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://groups.google.com/forum/#%21topic/rubyonrails-security/GKsAFT924Ag"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4089-1/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-16470
Vulnerability from fkie_nvd - Published: 2018-11-13 23:29 - Updated: 2024-11-21 03:52
Severity ?
Summary
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rack_project | rack | 2.0.4 | |
| rack_project | rack | 2.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rack_project:rack:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D44D7B2-AB7B-4707-8B72-E6E5F5DF9E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rack_project:rack:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "86B4E304-9FDE-46CB-A52D-7E4870DCFE01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size."
},
{
"lang": "es",
"value": "Hay una posible vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el analizador multiparte en Rack en versiones anteriores a la 2.0.6. Las peticiones especialmente manipuladas pueden provocar que el analizador multiparte entre en estado patol\u00f3gico, haciendo que emplee una cantidad de recursos de CPU desproporcionada al tama\u00f1o de la petici\u00f3n."
}
],
"id": "CVE-2018-16470",
"lastModified": "2024-11-21T03:52:49.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-13T23:29:00.263",
"references": [
{
"source": "support@hackerone.com",
"url": "https://access.redhat.com/errata/RHSA-2019:3172"
},
{
"source": "support@hackerone.com",
"url": "https://groups.google.com/forum/#%21msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://groups.google.com/forum/#%21msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-27530 (GCVE-0-2023-27530)
Vulnerability from cvelistv5 – Published: 2023-03-10 00:00 – Updated: 2024-10-15 18:33
VLAI?
Summary
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.
Severity ?
7.5 (High)
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"name": "[debian-lts-announce] 20230417 [SECURITY] [DLA 3392-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:29:06.360143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:33:52.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:17.311008",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"name": "[debian-lts-announce] 20230417 [SECURITY] [DLA 3392-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-27530",
"datePublished": "2023-03-10T00:00:00",
"dateReserved": "2023-03-02T00:00:00",
"dateUpdated": "2024-10-15T18:33:52.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44572 (GCVE-0-2022-44572)
Vulnerability from cvelistv5 – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1639882"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:24.574796",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1639882"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44572",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44570 (GCVE-0-2022-44570)
Vulnerability from cvelistv5 – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.2, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.2, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the Range header parsing component of Rack \u003e= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:20.271290",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44570",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44571 (GCVE-0-2022-44571)
Vulnerability from cvelistv5 – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:18.809359",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44571",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30123 (GCVE-0-2022-30123)
Vulnerability from cvelistv5 – Published: 2022-12-05 00:00 – Updated: 2024-08-03 06:40
VLAI?
Summary
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Severity ?
No CVSS data available.
CWE
- CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.1, 2.1.4.1, 2.2.3.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.1, 2.1.4.1, 2.2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sequence injection vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-150",
"description": "Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:15.677017",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-30123",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-08-03T06:40:47.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30122 (GCVE-0-2022-30122)
Vulnerability from cvelistv5 – Published: 2022-12-05 00:00 – Updated: 2024-11-19 20:16
VLAI?
Summary
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.1, 2.1.4.1, 2.2.3.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-13T16:09:46.798688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T20:16:22.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.1, 2.1.4.1, 2.2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible denial of service vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 in the multipart parsing component of Rack."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:21.756956",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-30122",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-11-19T20:16:22.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8161 (GCVE-0-2020-8161)
Vulnerability from cvelistv5 – Published: 2020-07-02 00:00 – Updated: 2024-08-04 09:48
VLAI?
Summary
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-548 - Information Exposure Through Directory Listing (CWE-548)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
Fixed in 2.1.3, >= 2.2.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/434404"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 2.1.3, \u003e= 2.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in rack \u003c 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-548",
"description": "Information Exposure Through Directory Listing (CWE-548)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-31T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/434404"
},
{
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8161",
"datePublished": "2020-07-02T00:00:00",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:48:25.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8184 (GCVE-0-2020-8184)
Vulnerability from cvelistv5 – Published: 2020-06-19 00:00 – Updated: 2024-08-04 09:56
VLAI?
Summary
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
Severity ?
No CVSS data available.
CWE
- CWE-784 - Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
rack >= 2.2.3, rack >= 2.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:26.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/895727"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rack \u003e= 2.2.3, rack \u003e= 2.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reliance on cookies without validation/integrity check security vulnerability exists in rack \u003c 2.2.3, rack \u003c 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-784",
"description": "Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-31T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/895727"
},
{
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8184",
"datePublished": "2020-06-19T00:00:00",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:26.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16782 (GCVE-0-2019-16782)
Vulnerability from cvelistv5 – Published: 2019-12-18 19:05 – Updated: 2024-08-05 01:24
VLAI?
Title
Possible Information Leak / Session Hijack Vulnerability in Rack
Summary
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.
Severity ?
6.3 (Medium)
CWE
- CWE-208 - Information Exposure Through Timing Discrepancy
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "before 1.6.12 or 2.0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There\u0027s a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Information Exposure Through Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T14:06:01",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
],
"source": {
"advisory": "GHSA-hrqr-hxpp-chr3",
"discovery": "UNKNOWN"
},
"title": "Possible Information Leak / Session Hijack Vulnerability in Rack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16782",
"STATE": "PUBLIC",
"TITLE": "Possible Information Leak / Session Hijack Vulnerability in Rack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rack",
"version": {
"version_data": [
{
"version_value": "before 1.6.12 or 2.0.8"
}
]
}
}
]
},
"vendor_name": "rack"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There\u0027s a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3",
"refsource": "CONFIRM",
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"name": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38",
"refsource": "CONFIRM",
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
]
},
"source": {
"advisory": "GHSA-hrqr-hxpp-chr3",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16782",
"datePublished": "2019-12-18T19:05:14",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:48.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16470 (GCVE-0-2018-16470)
Vulnerability from cvelistv5 – Published: 2018-11-13 23:00 – Updated: 2024-08-05 10:24
VLAI?
Summary
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://groups.google.com/forum/#%21msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ"
},
{
"name": "RHSA-2019:3172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rack",
"vendor": "Rack",
"versions": [
{
"status": "affected",
"version": "2.0.6"
}
]
}
],
"datePublic": "2018-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-24T22:06:22",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://groups.google.com/forum/#%21msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ"
},
{
"name": "RHSA-2019:3172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2018-16470",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rack",
"version": {
"version_data": [
{
"version_value": "2.0.6"
}
]
}
}
]
},
"vendor_name": "Rack"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://groups.google.com/forum/#!msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ",
"refsource": "MISC",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/U_x-YkfuVTg/xhvYAmp6AAAJ"
},
{
"name": "RHSA-2019:3172",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2018-16470",
"datePublished": "2018-11-13T23:00:00",
"dateReserved": "2018-09-04T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27530 (GCVE-0-2023-27530)
Vulnerability from nvd – Published: 2023-03-10 00:00 – Updated: 2024-10-15 18:33
VLAI?
Summary
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.
Severity ?
7.5 (High)
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"name": "[debian-lts-announce] 20230417 [SECURITY] [DLA 3392-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:29:06.360143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:33:52.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.0.4.2, 2.2.6.3, 2.1.4.3, 2.0.9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:17.311008",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2023-27530-possible-dos-vulnerability-in-multipart-mime-parsing/82388"
},
{
"name": "[debian-lts-announce] 20230417 [SECURITY] [DLA 3392-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-27530",
"datePublished": "2023-03-10T00:00:00",
"dateReserved": "2023-03-02T00:00:00",
"dateUpdated": "2024-10-15T18:33:52.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44572 (GCVE-0-2022-44572)
Vulnerability from nvd – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1639882"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:24.574796",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1639882"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44572",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44570 (GCVE-0-2022-44570)
Vulnerability from nvd – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.2, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.2, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in the Range header parsing component of Rack \u003e= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:20.271290",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44570",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44571 (GCVE-0-2022-44571)
Vulnerability from nvd – Published: 2023-02-09 00:00 – Updated: 2024-08-03 13:54
VLAI?
Summary
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:18.809359",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44571",
"datePublished": "2023-02-09T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30123 (GCVE-0-2022-30123)
Vulnerability from nvd – Published: 2022-12-05 00:00 – Updated: 2024-08-03 06:40
VLAI?
Summary
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Severity ?
No CVSS data available.
CWE
- CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.1, 2.1.4.1, 2.2.3.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.1, 2.1.4.1, 2.2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sequence injection vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-150",
"description": "Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:15.677017",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-30123",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-08-03T06:40:47.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30122 (GCVE-0-2022-30122)
Vulnerability from nvd – Published: 2022-12-05 00:00 – Updated: 2024-11-19 20:16
VLAI?
Summary
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
Severity ?
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
2.0.9.1, 2.1.4.1, 2.2.3.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-13T16:09:46.798688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T20:16:22.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0.9.1, 2.1.4.1, 2.2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible denial of service vulnerability exists in Rack \u003c2.0.9.1, \u003c2.1.4.1 and \u003c2.2.3.1 in the multipart parsing component of Rack."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T22:06:21.756956",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729"
},
{
"name": "DSA-5530",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "GLSA-202310-18",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-18"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-30122",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-11-19T20:16:22.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8161 (GCVE-0-2020-8161)
Vulnerability from nvd – Published: 2020-07-02 00:00 – Updated: 2024-08-04 09:48
VLAI?
Summary
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-548 - Information Exposure Through Directory Listing (CWE-548)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
Fixed in 2.1.3, >= 2.2.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/434404"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 2.1.3, \u003e= 2.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in rack \u003c 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-548",
"description": "Information Exposure Through Directory Listing (CWE-548)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-31T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/434404"
},
{
"url": "https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8161",
"datePublished": "2020-07-02T00:00:00",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:48:25.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8184 (GCVE-0-2020-8184)
Vulnerability from nvd – Published: 2020-06-19 00:00 – Updated: 2024-08-04 09:56
VLAI?
Summary
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
Severity ?
No CVSS data available.
CWE
- CWE-784 - Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/rack/rack |
Affected:
rack >= 2.2.3, rack >= 2.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:26.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/895727"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rack/rack",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rack \u003e= 2.2.3, rack \u003e= 2.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reliance on cookies without validation/integrity check security vulnerability exists in rack \u003c 2.2.3, rack \u003c 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-784",
"description": "Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-31T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/895727"
},
{
"url": "https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak"
},
{
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html"
},
{
"name": "USN-4561-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8184",
"datePublished": "2020-06-19T00:00:00",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:26.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16782 (GCVE-0-2019-16782)
Vulnerability from nvd – Published: 2019-12-18 19:05 – Updated: 2024-08-05 01:24
VLAI?
Title
Possible Information Leak / Session Hijack Vulnerability in Rack
Summary
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.
Severity ?
6.3 (Medium)
CWE
- CWE-208 - Information Exposure Through Timing Discrepancy
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "before 1.6.12 or 2.0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There\u0027s a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Information Exposure Through Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T14:06:01",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
],
"source": {
"advisory": "GHSA-hrqr-hxpp-chr3",
"discovery": "UNKNOWN"
},
"title": "Possible Information Leak / Session Hijack Vulnerability in Rack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16782",
"STATE": "PUBLIC",
"TITLE": "Possible Information Leak / Session Hijack Vulnerability in Rack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rack",
"version": {
"version_data": [
{
"version_value": "before 1.6.12 or 2.0.8"
}
]
}
}
]
},
"vendor_name": "rack"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There\u0027s a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3",
"refsource": "CONFIRM",
"url": "https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"
},
{
"name": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38",
"refsource": "CONFIRM",
"url": "https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"
},
{
"name": "[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/3"
},
{
"name": "[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/18/2"
},
{
"name": "[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/19/3"
},
{
"name": "FEDORA-2020-57fc0d0156",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"
},
{
"name": "openSUSE-SU-2020:0214",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"
},
{
"name": "[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/04/08/1"
},
{
"name": "[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/04/09/2"
}
]
},
"source": {
"advisory": "GHSA-hrqr-hxpp-chr3",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16782",
"datePublished": "2019-12-18T19:05:14",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:48.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}