Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Mageia 8: 2022-0252 Moderate: Ruby Rack DoS and Shell Escape

mageia
Calendar Grey July 5, 2022
Dist Mageia Esm H88
Recent updates to the ruby-rack packages in Mageia mitigate issues related to specially designed requests that could exploit DoS conditions and facilitate shell escape vulnerabilities.
Crafted multipart POST request may cause a DoS (CVE-2022-30122) Crafted requests can cause shell escape sequences (CVE-2022-30123) References: - https://bugs.mageia.org/show_bug.c...

Summary

Crafted multipart POST request may cause a DoS (CVE-2022-30122) Crafted requests can cause shell escape sequences (CVE-2022-30123)

References

- https://bugs.mageia.org/show_bug.cgi?id=30584

-

- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml

- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30123.yml

- https://www.cve.org/CVERecord?id=CVE-2022-30122

- https://www.cve.org/CVERecord?id=CVE-2022-30123

Topics%20covered

Topics Covered

security advisory moderate DoS vulnerability shell escape Mageia ruby rack

Resolution

SRPMS

- 8/core/ruby-rack-2.2.3.1-1.mga8

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 05 Jul 2022
URL: https://advisories.mageia.org/MGASA-2022-0252.html
Type: security
CVE: CVE-2022-30122, CVE-2022-30123

Topics%20covered

Topics Covered

security advisory moderate DoS vulnerability shell escape Mageia ruby rack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here