Denial of Service Vulnerability in Rack Software by Ruby
CVE-2022-30122
7.5HIGH
Key Information:
- Vendor
Rack Project
- Vendor
- CVE Published:
- 5 December 2022
What is CVE-2022-30122?
A vulnerability in Rack's multipart parsing component has been identified, which could lead to denial of service under certain conditions. Versions prior to 2.0.9.1, 2.1.4.1, and 2.2.3.1 are affected. This security issue may allow attackers to disrupt service availability, making it essential for users to apply recommended updates to mitigate potential risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
https://github.com/rack/rack 2.0.9.1, 2.1.4.1, 2.2.3.1
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved