CVE-2022-44570

Related Files

Debian Security Advisory 5530-1

Posted Oct 23, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5530-1 - Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection.

tags | advisory, denial of service, shell, vulnerability, ruby

systems | linux, debian

advisories | CVE-2022-30122, CVE-2022-30123, CVE-2022-44570, CVE-2022-44571, CVE-2022-44572, CVE-2023-27530, CVE-2023-27539

SHA-256 | 1d720695b79a166118349cbe5f4050069000900a5d5b9d9439ed4da692cb559f

Download | Favorite | View

Ubuntu Security Notice USN-5910-1

Posted Mar 3, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5910-1 - It was discovered that Rack did not properly structure regular expressions in some of its parsing components, which could result in uncontrolled resource consumption if an application using Rack received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that Rack did not properly structure regular expressions in its multipart parsing component, which could result in uncontrolled resource consumption if an application using Rack to parse multipart posts received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2022-44570, CVE-2022-44572

SHA-256 | e4713313bc2261a887f827779cc49e6e6980b58aa5003b39b30ef102f9d309d3

Download | Favorite | View