Rack is vulnerable to regular expression denial of service (ReDoS). The vulnerability is in the handle_mime_head method of Rack's multipart parser (Rack::Multipart::Parser, the multipart.rb code path used for multipart/form-data bodies) and is caused by inefficient regular expression complexity in the parsing of the Content-Disposition part header. An attacker who can submit a multipart request with a crafted Content-Disposition header can make the regex backtrack for an unexpectedly long time, tying up the worker process's CPU and denying service to other requests; the process is not crashed but stops answering. Any application that parses multipart bodies through Rack (including Rails applications) is reachable this way. Patched releases are Rack 2.0.9.2, 2.1.4.2 and 3.0.4.1 (see the release tags below); there is no configuration workaround short of upgrading.
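The following is an added example, not Rack's code and not a reproduction of the exact regex that was patched. It shows the shape of the bug the advisory describes (a regex-based Content-Disposition parser whose greedy quantifiers overlap and backtrack quadratically on a header that never contains the expected filename parameter) next to a hand-written linear-time scanner that a hardened parser would use instead. The pattern names TOKEN, CONDISP and QUOTED_FILENAME, the scanner functions, and the malicious header are all constructed for illustration; the TOKEN character class follows the RFC 2616 token definition.

```ruby
require 'benchmark'

# Constructed example (not Rack's code): a regex in the shape of a regex-based
# Content-Disposition parser. The ReDoS trigger is the greedy "\s*" at the end
# of CONDISP immediately followed by ".*": both can absorb a run of spaces, so
# when the required ';\s*filename="' never appears the engine tries every split
# between them and backtracks ".*" again for each split: O(n^2) in the spaces.
TOKEN   = /[^\s()<>,;:\\"\/\[\]?=]+/
CONDISP = /Content-Disposition:\s*#{TOKEN}\s*/i
QUOTED_FILENAME = /\A#{CONDISP}.*;\s*filename="(.*?)"/i

def filename_via_regex(head)
  head[QUOTED_FILENAME, 1]
end

# Hardened replacement: a hand-written scanner over the header value. Every
# character is visited a bounded number of times, so parsing is linear whatever
# the input looks like. Handles quoted strings with backslash escapes, ';' inside
# quotes, bare parameters without '=', and unterminated quotes.
# Returns [type, { "param" => value }].
def parse_content_disposition(value)
  type, rest = value.split(';', 2)
  params = {}
  type = (type || '').strip.downcase
  return [type, params] if rest.nil?

  i, n = 0, rest.length
  while i < n
    i += 1 while i < n && (rest[i] == ' ' || rest[i] == "\t" || rest[i] == ';')
    break if i >= n
    j = i
    j += 1 while j < n && rest[j] != '=' && rest[j] != ';'
    key = rest[i...j].strip.downcase
    i = j
    if rest[i] == '='
      i += 1
      if rest[i] == '"'
        i += 1
        val = +''
        while i < n && rest[i] != '"'
          i += 1 if rest[i] == '\\' && i + 1 < n   # backslash escape: keep next char literally
          val << rest[i]
          i += 1
        end
        i += 1                                     # skip closing quote (or run off the end)
      else
        j = i
        j += 1 while j < n && rest[j] != ';'
        val = rest[i...j].strip
        i = j
      end
    else
      val = nil                                    # bare parameter such as "; foo;"
    end
    params[key] = val unless key.empty?
  end
  [type, params]
end

HEADER_NAME = /\AContent-Disposition:/i            # anchored literal: linear

def filename_via_scanner(head)
  m = HEADER_NAME.match(head) or return nil
  _type, params = parse_content_disposition(m.post_match)
  params['filename']
end

if __FILE__ == $0
  good = 'Content-Disposition: form-data; name="upload"; filename="report;v2.txt"'
  puts "regex:   #{filename_via_regex(good).inspect}"
  puts "scanner: #{filename_via_scanner(good).inspect}"

  # Constructed malicious header: a valid prefix followed by n spaces and no
  # filename parameter. Regex time should roughly quadruple per doubling of n;
  # the scanner stays flat.
  [2_000, 4_000, 8_000].each do |n|
    evil = "Content-Disposition: form-data#{' ' * n}"
    t_re = Benchmark.realtime { filename_via_regex(evil) }
    t_sc = Benchmark.realtime { filename_via_scanner(evil) }
    printf("n=%-5d regex %.4fs   scanner %.6fs\n", n, t_re, t_sc)
  end
end
```

Run it with `ruby redos_demo.rb`. Two caveats for practitioners: Ruby 3.2 and later match many such patterns with a memoizing backtracker, so the regex timings may stay flat there and the blow-up is visible on Ruby 3.1 and older; Ruby 3.2 also added `Regexp.timeout=`, which bounds any single match and is a reasonable defence in depth, but it is not a substitute for upgrading Rack, since the fixed versions remove the backtracking rather than capping it.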
https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126
https://github.com/advisories/GHSA-93pm-5p5f-3ghx
https://github.com/rack/rack/commit/4e33ad10bf5f16d25c156f905bcc548e7f787bc3
https://github.com/rack/rack/commit/9b5fb5c7ef0e39b959a6c5c0005d9af44a29d6f8
https://github.com/rack/rack/commit/b79bb5ac6e7478aa02f624bd9ef00b25c2502af5
https://github.com/rack/rack/releases/tag/v2.0.9.2
https://github.com/rack/rack/releases/tag/v2.1.4.2
https://github.com/rack/rack/releases/tag/v3.0.4.1
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44571.yml
https://security.netapp.com/advisory/ntap-20231208-0013/
https://www.debian.org/security/2023/dsa-5530