GSD-2022-44571
Vulnerability from gsd - Updated: 2023-01-18 00:00Details
There is a denial of service vulnerability in the Content-Disposition parsing
component of Rack. This vulnerability has been assigned the CVE identifier
CVE-2022-44571.
Versions Affected: >= 2.0.0
Not affected: None.
Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1
# Impact
Carefully crafted input can cause Content-Disposition header parsing in Rack
to take an unexpected amount of time, possibly resulting in a denial of
service attack vector. This header is used typically used in multipart
parsing. Any applications that parse multipart posts using Rack (virtually
all Rails applications) are impacted.
# Workarounds
There are no feasible workarounds for this issue.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-44571",
"description": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.",
"id": "GSD-2022-44571",
"references": [
"https://www.suse.com/security/cve/CVE-2022-44571.html",
"https://ubuntu.com/security/CVE-2022-44571"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "rack",
"purl": "pkg:gem/rack"
}
}
],
"aliases": [
"CVE-2022-44571",
"GHSA-93pm-5p5f-3ghx"
],
"details": "There is a denial of service vulnerability in the Content-Disposition parsing\ncomponent of Rack. This vulnerability has been assigned the CVE identifier\nCVE-2022-44571.\n\nVersions Affected: \u003e= 2.0.0\nNot affected: None.\nFixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1\n\n# Impact\n\nCarefully crafted input can cause Content-Disposition header parsing in Rack\nto take an unexpected amount of time, possibly resulting in a denial of\nservice attack vector. This header is used typically used in multipart\nparsing. Any applications that parse multipart posts using Rack (virtually\nall Rails applications) are impacted.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n",
"id": "GSD-2022-44571",
"modified": "2023-01-18T00:00:00.000Z",
"published": "2023-01-18T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/rack/rack/releases/tag/v3.0.4.1"
}
],
"schema_version": "1.4.0",
"summary": "Denial of Service Vulnerability in Rack Content-Disposition parsing"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-44571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "https://github.com/rack/rack",
"version": {
"version_data": [
{
"version_value": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"refsource": "MISC",
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "https://security.netapp.com/advisory/ntap-20231208-0013/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2022-44571",
"date": "2023-01-18",
"description": "There is a denial of service vulnerability in the Content-Disposition parsing\ncomponent of Rack. This vulnerability has been assigned the CVE identifier\nCVE-2022-44571.\n\nVersions Affected: \u003e= 2.0.0\nNot affected: None.\nFixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1\n\n# Impact\n\nCarefully crafted input can cause Content-Disposition header parsing in Rack\nto take an unexpected amount of time, possibly resulting in a denial of\nservice attack vector. This header is used typically used in multipart\nparsing. Any applications that parse multipart posts using Rack (virtually\nall Rails applications) are impacted.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n",
"gem": "rack",
"ghsa": "93pm-5p5f-3ghx",
"patched_versions": [
"~\u003e 2.0.9, \u003e= 2.0.9.2",
"~\u003e 2.1.4, \u003e= 2.1.4.2",
"~\u003e 2.2.6, \u003e= 2.2.6.1",
"\u003e= 3.0.4.1"
],
"title": "Denial of Service Vulnerability in Rack Content-Disposition parsing",
"url": "https://github.com/rack/rack/releases/tag/v3.0.4.1"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=2.0.0 \u003c2.0.9.2||\u003e=2.1.0 \u003c2.1.4.2||\u003e=2.2.0 \u003c2.2.6.1||\u003e=3.0.0.0 \u003c3.0.4.1",
"affected_versions": "All versions starting from 2.0.0 before 2.0.9.2, all versions starting from 2.1.0 before 2.1.4.2, all versions starting from 2.2.0 before 2.2.6.1, all versions starting from 3.0.0.0 before 3.0.4.1",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-1333",
"CWE-937"
],
"date": "2023-02-17",
"description": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.",
"fixed_versions": [
"2.0.9.2",
"2.1.4.2",
"2.2.6.1",
"3.0.4.1"
],
"identifier": "CVE-2022-44571",
"identifiers": [
"CVE-2022-44571",
"GHSA-93pm-5p5f-3ghx",
"GMS-2023-65"
],
"not_impacted": "All versions before 2.0.0, all versions starting from 2.0.9.2 before 2.1.0, all versions starting from 2.1.4.2 before 2.2.0, all versions starting from 2.2.6.1 before 3.0.0.0, all versions starting from 3.0.4.1",
"package_slug": "gem/rack",
"pubdate": "2023-02-09",
"solution": "Upgrade to versions 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 or above.",
"title": "Inefficient Regular Expression Complexity",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-44571",
"https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"https://github.com/rack/rack/releases/tag/v3.0.4.1",
"https://github.com/advisories/GHSA-93pm-5p5f-3ghx"
],
"uuid": "5a6fea3d-b147-4633-a0c5-1b9fd636139b"
},
{
"affected_range": "\u003c0",
"affected_versions": "All versions starting from 2.0.0 before 2.0.9.2, all versions starting from 2.1.0 before 2.1.4.2, all versions starting from 2.2.0 before 2.2.6.1, all versions starting from 3.0.0.0 before 3.0.4.1",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2023-01-18",
"description": "Carefully crafted input can cause Content-Disposition header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is used typically used in multipart parsing. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.",
"fixed_versions": [
"2.0.9.2",
"2.1.4.2",
"2.2.6.1",
"3.0.4.1"
],
"identifier": "GMS-2023-65",
"identifiers": [
"GHSA-93pm-5p5f-3ghx",
"GMS-2023-65",
"CVE-2022-44571"
],
"not_impacted": "All versions before 2.0.0, all versions starting from 2.0.9.2 before 2.1.0, all versions starting from 2.1.4.2 before 2.2.0, all versions starting from 2.2.6.1 before 3.0.0.0, all versions starting from 3.0.4.1",
"package_slug": "gem/rack",
"pubdate": "2023-01-18",
"solution": "Upgrade to versions 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 or above.",
"title": "Duplicate of ./gem/rack/CVE-2022-44571.yml",
"urls": [
"https://github.com/rack/rack/releases/tag/v3.0.4.1",
"https://github.com/advisories/GHSA-93pm-5p5f-3ghx"
],
"uuid": "90a00c9a-9ebe-4b79-8752-830554b01197"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.4.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.6.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.4.1",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.9.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-44571"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "https://security.netapp.com/advisory/ntap-20231208-0013/",
"refsource": "",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-12-08T22:15Z",
"publishedDate": "2023-02-09T20:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…