gsd-2022-44571
Vulnerability from gsd
Modified
2023-01-18 00:00
Details
There is a denial of service vulnerability in the Content-Disposition parsing
component of Rack. This vulnerability has been assigned the CVE identifier
CVE-2022-44571.
Versions Affected: >= 2.0.0
Not affected: None.
Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1
# Impact
Carefully crafted input can cause Content-Disposition header parsing in Rack
to take an unexpected amount of time, possibly resulting in a denial of
service attack vector. This header is used typically used in multipart
parsing. Any applications that parse multipart posts using Rack (virtually
all Rails applications) are impacted.
# Workarounds
There are no feasible workarounds for this issue.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-44571",
"description": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.",
"id": "GSD-2022-44571",
"references": [
"https://www.suse.com/security/cve/CVE-2022-44571.html",
"https://ubuntu.com/security/CVE-2022-44571"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "rack",
"purl": "pkg:gem/rack"
}
}
],
"aliases": [
"CVE-2022-44571",
"GHSA-93pm-5p5f-3ghx"
],
"details": "There is a denial of service vulnerability in the Content-Disposition parsing\ncomponent of Rack. This vulnerability has been assigned the CVE identifier\nCVE-2022-44571.\n\nVersions Affected: \u003e= 2.0.0\nNot affected: None.\nFixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1\n\n# Impact\n\nCarefully crafted input can cause Content-Disposition header parsing in Rack\nto take an unexpected amount of time, possibly resulting in a denial of\nservice attack vector. This header is used typically used in multipart\nparsing. Any applications that parse multipart posts using Rack (virtually\nall Rails applications) are impacted.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n",
"id": "GSD-2022-44571",
"modified": "2023-01-18T00:00:00.000Z",
"published": "2023-01-18T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/rack/rack/releases/tag/v3.0.4.1"
}
],
"schema_version": "1.4.0",
"summary": "Denial of Service Vulnerability in Rack Content-Disposition parsing"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-44571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "https://github.com/rack/rack",
"version": {
"version_data": [
{
"version_value": "2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"refsource": "MISC",
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "https://security.netapp.com/advisory/ntap-20231208-0013/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2022-44571",
"date": "2023-01-18",
"description": "There is a denial of service vulnerability in the Content-Disposition parsing\ncomponent of Rack. This vulnerability has been assigned the CVE identifier\nCVE-2022-44571.\n\nVersions Affected: \u003e= 2.0.0\nNot affected: None.\nFixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1\n\n# Impact\n\nCarefully crafted input can cause Content-Disposition header parsing in Rack\nto take an unexpected amount of time, possibly resulting in a denial of\nservice attack vector. This header is used typically used in multipart\nparsing. Any applications that parse multipart posts using Rack (virtually\nall Rails applications) are impacted.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n",
"gem": "rack",
"ghsa": "93pm-5p5f-3ghx",
"patched_versions": [
"~\u003e 2.0.9, \u003e= 2.0.9.2",
"~\u003e 2.1.4, \u003e= 2.1.4.2",
"~\u003e 2.2.6, \u003e= 2.2.6.1",
"\u003e= 3.0.4.1"
],
"title": "Denial of Service Vulnerability in Rack Content-Disposition parsing",
"url": "https://github.com/rack/rack/releases/tag/v3.0.4.1"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=2.0.0 \u003c2.0.9.2||\u003e=2.1.0 \u003c2.1.4.2||\u003e=2.2.0 \u003c2.2.6.1||\u003e=3.0.0.0 \u003c3.0.4.1",
"affected_versions": "All versions starting from 2.0.0 before 2.0.9.2, all versions starting from 2.1.0 before 2.1.4.2, all versions starting from 2.2.0 before 2.2.6.1, all versions starting from 3.0.0.0 before 3.0.4.1",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-1333",
"CWE-937"
],
"date": "2023-02-17",
"description": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.",
"fixed_versions": [
"2.0.9.2",
"2.1.4.2",
"2.2.6.1",
"3.0.4.1"
],
"identifier": "CVE-2022-44571",
"identifiers": [
"CVE-2022-44571",
"GHSA-93pm-5p5f-3ghx",
"GMS-2023-65"
],
"not_impacted": "All versions before 2.0.0, all versions starting from 2.0.9.2 before 2.1.0, all versions starting from 2.1.4.2 before 2.2.0, all versions starting from 2.2.6.1 before 3.0.0.0, all versions starting from 3.0.4.1",
"package_slug": "gem/rack",
"pubdate": "2023-02-09",
"solution": "Upgrade to versions 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 or above.",
"title": "Inefficient Regular Expression Complexity",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-44571",
"https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"https://github.com/rack/rack/releases/tag/v3.0.4.1",
"https://github.com/advisories/GHSA-93pm-5p5f-3ghx"
],
"uuid": "5a6fea3d-b147-4633-a0c5-1b9fd636139b"
},
{
"affected_range": "\u003c0",
"affected_versions": "All versions starting from 2.0.0 before 2.0.9.2, all versions starting from 2.1.0 before 2.1.4.2, all versions starting from 2.2.0 before 2.2.6.1, all versions starting from 3.0.0.0 before 3.0.4.1",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2023-01-18",
"description": "Carefully crafted input can cause Content-Disposition header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is used typically used in multipart parsing. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.",
"fixed_versions": [
"2.0.9.2",
"2.1.4.2",
"2.2.6.1",
"3.0.4.1"
],
"identifier": "GMS-2023-65",
"identifiers": [
"GHSA-93pm-5p5f-3ghx",
"GMS-2023-65",
"CVE-2022-44571"
],
"not_impacted": "All versions before 2.0.0, all versions starting from 2.0.9.2 before 2.1.0, all versions starting from 2.1.4.2 before 2.2.0, all versions starting from 2.2.6.1 before 3.0.0.0, all versions starting from 3.0.4.1",
"package_slug": "gem/rack",
"pubdate": "2023-01-18",
"solution": "Upgrade to versions 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.4.1 or above.",
"title": "Duplicate of ./gem/rack/CVE-2022-44571.yml",
"urls": [
"https://github.com/rack/rack/releases/tag/v3.0.4.1",
"https://github.com/advisories/GHSA-93pm-5p5f-3ghx"
],
"uuid": "90a00c9a-9ebe-4b79-8752-830554b01197"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.4.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.6.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.4.1",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.9.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-44571"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"
},
{
"name": "DSA-5530",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2023/dsa-5530"
},
{
"name": "https://security.netapp.com/advisory/ntap-20231208-0013/",
"refsource": "",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-12-08T22:15Z",
"publishedDate": "2023-02-09T20:15Z"
}
}
}
Loading...