CVE-2022-30122

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-30122
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729 Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
Information

Published : 2022-12-05 14:15

Updated : 2022-12-06 20:39

NVD link : CVE-2022-30122

Mitre link : CVE-2022-30122

JSON object : View

CWE
CWE-400

Uncontrolled Resource Consumption

Advertisement

dedicated server usa
Products Affected

rack_project

  • rack