Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-44572

Опубликовано: 09 фев. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

2.2.4-3
esm-apps/bionic

not-affected

code not present
esm-apps/focal

released

2.0.7-2ubuntu0.1+esm3
esm-apps/jammy

released

2.1.4-5ubuntu1+esm3
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

ignored

end of standard support, was needed
jammy

released

2.1.4-5ubuntu1.1
kinetic

ignored

end of life, was needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%
0.0025
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-44572

CVSS3: 7.5
redhat
больше 2 лет назад

A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.

nvd логотип

CVE-2022-44572

CVSS3: 7.5
nvd
больше 2 лет назад

A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted.

debian логотип

CVE-2022-44572

CVSS3: 7.5
debian
больше 2 лет назад

A denial of service vulnerability in the multipart parsing component o ...

github логотип

GHSA-rqv2-275x-2jq5

github
больше 2 лет назад

Denial of service via multipart parsing in Rack

fstec логотип

BDU:2024-02581

CVSS3: 7.5
fstec
больше 2 лет назад

Уязвимость компонента анализа Range модульного интерфейса между веб-серверами и веб-приложениями Rack, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 48%
0.0025
Низкий

7.5 High

CVSS3