CVE-2022-30123
published 2022-12-05CVE-2022-30123: A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger…
PriorityP356critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
EPSS
1.80%
75.8th percentile
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | ruby-rack | < ruby-rack 2.2.4-1 (bookworm) | ruby-rack 2.2.4-1 (bookworm) |
| https | github.com_rack_rack | — | — |
| rack | rack | >= 0 < 2.0.9.1 | 2.0.9.1 |
| rack | rack | >= 2.1 < 2.1.4.1 | 2.1.4.1 |
| rack | rack | >= 2.2 < 2.2.3.1 | 2.2.3.1 |
| rack_project | rack | < 2.0.9.1 | 2.0.9.1 |
| rack_project | rack | >= 2.1.0 < 2.1.4.1 | 2.1.4.1 |
| rack_project | rack | >= 2.2.0 < 2.2.3.1 | 2.2.3.1 |
CVSS provenance
nvdv3.110.0CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
ghsa10.0CRITICAL
osv10.0CRITICAL
vendor_debian10.0CRITICAL
vendor_redhat10.0CRITICAL
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Rack vulnerabilities
vendor_ubuntu·2024-09-26·CVSS 7.5
CVE-2024-25126 [HIGH] Rack vulnerabilities
Title: Rack vulnerabilities
Summary: Several security issues were fixed in Rack.
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)
It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the ap
Ubuntu
Rack vulnerabilities
vendor_ubuntu·2023-02-27·CVSS 7.5
CVE-2022-30123 [HIGH] Rack vulnerabilities
Title: Rack vulnerabilities
Summary: Several security issues were fixed in Rack.
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)
It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the ap
Ubuntu
Rack vulnerabilities
vendor_ubuntu·2022-12-13·CVSS 6.3
CVE-2020-8184 [MEDIUM] Rack vulnerabilities
Title: Rack vulnerabilities
Summary: Several security issues were fixed in Rack.
It was discovered that Rack insecurely handled session ids. An
unauthenticated remote attacker could possibly use this issue to perform
a timing attack and hijack sessions. (CVE-2019-16782)
It was discovered that Rack was incorrectly handling cookies during
parsing, not validating them or performing the necessary integrity checks.
An attacker could possibly use this issue to overwrite existing cookie
data and gain control over a remote system's behaviour. This issue only
affected Ubuntu 14.04 ESM. (CVE-2020-8184)
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST reques
Red Hat
rubygem-rack: crafted requests can cause shell escape sequences
vendor_redhat·2022-05-27·CVSS 10.0
CVE-2022-30123 [CRITICAL] CWE-179 rubygem-rack: crafted requests can cause shell escape sequences
rubygem-rack: crafted requests can cause shell escape sequences
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal.
Statement: - Because Red Hat OpenStack Platform 13.0 Operational Tools packaged the flawed code, but does not use its functionality, its Impact has been reduced to 'Low'.
- To exploit this vulnerability, applications should have either of these mid
Debian
CVE-2022-30123: ruby-rack - A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3....
vendor_debian·2022·CVSS 10.0
CVE-2022-30123 [CRITICAL] CVE-2022-30123: ruby-rack - A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3....
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Scope: local
bookworm: resolved (fixed in 2.2.4-1)
bullseye: resolved (fixed in 2.1.4-3+deb11u1)
forky: resolved (fixed in 2.2.4-1)
sid: resolved (fixed in 2.2.4-1)
trixie: resolved (fixed in 2.2.4-1)
OSV
ruby-rack vulnerabilities
osv·2024-09-26·CVSS 7.5
CVE-2022-30122 [HIGH] ruby-rack vulnerabilities
ruby-rack vulnerabilities
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)
It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the application. (CVE-2022-30123)
It was discovered that Rack
OSV
ruby-rack vulnerabilities
osv·2023-02-27·CVSS 7.5
CVE-2022-30122 [HIGH] ruby-rack vulnerabilities
ruby-rack vulnerabilities
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)
It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the application. (CVE-2022-30123)
OSV
ruby-rack vulnerabilities
osv·2022-12-13·CVSS 5.9
CVE-2019-16782 [MEDIUM] ruby-rack vulnerabilities
ruby-rack vulnerabilities
It was discovered that Rack insecurely handled session ids. An
unauthenticated remote attacker could possibly use this issue to perform
a timing attack and hijack sessions. (CVE-2019-16782)
It was discovered that Rack was incorrectly handling cookies during
parsing, not validating them or performing the necessary integrity checks.
An attacker could possibly use this issue to overwrite existing cookie
data and gain control over a remote system's behaviour. This issue only
affected Ubuntu 14.04 ESM. (CVE-2020-8184)
It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could
OSV
CVE-2022-30123: A sequence injection vulnerability exists in Rack <2
osv·2022-12-05·CVSS 10.0
CVE-2022-30123 [CRITICAL] CVE-2022-30123: A sequence injection vulnerability exists in Rack <2
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
GHSA
Possible shell escape sequence injection vulnerability in Rack
ghsa·2022-05-27·CVSS 10.0
CVE-2022-30123 [CRITICAL] CWE-150 Possible shell escape sequence injection vulnerability in Rack
Possible shell escape sequence injection vulnerability in Rack
There is a possible shell escape sequence injection vulnerability in the Lint
and CommonLogger components of Rack. This vulnerability has been assigned the
CVE identifier CVE-2022-30123.
Versions Affected: All.
Not affected: None
Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1
## Impact
Carefully crafted requests can cause shell escape sequences to be written to
the terminal via Rack's Lint middleware and CommonLogger middleware. These
escape sequences can be leveraged to possibly execute commands in the victim's
terminal.
Impacted applications will have either of these middleware installed, and
vulnerable apps may have something like this:
```
use Rack::Lint
```
Or
```
use Rack::CommonLogger
```
All users running an affected
OSV
Possible shell escape sequence injection vulnerability in Rack
osv·2022-05-27·CVSS 10.0
CVE-2022-30123 [CRITICAL] Possible shell escape sequence injection vulnerability in Rack
Possible shell escape sequence injection vulnerability in Rack
There is a possible shell escape sequence injection vulnerability in the Lint
and CommonLogger components of Rack. This vulnerability has been assigned the
CVE identifier CVE-2022-30123.
Versions Affected: All.
Not affected: None
Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1
## Impact
Carefully crafted requests can cause shell escape sequences to be written to
the terminal via Rack's Lint middleware and CommonLogger middleware. These
escape sequences can be leveraged to possibly execute commands in the victim's
terminal.
Impacted applications will have either of these middleware installed, and
vulnerable apps may have something like this:
```
use Rack::Lint
```
Or
```
use Rack::CommonLogger
```
All users running an affected
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728https://security.gentoo.org/glsa/202310-18https://security.netapp.com/advisory/ntap-20231208-0011/https://www.debian.org/security/2023/dsa-5530https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728https://security.gentoo.org/glsa/202310-18https://security.netapp.com/advisory/ntap-20231208-0011/https://www.debian.org/security/2023/dsa-5530
2022-12-05
Published