GHSA-wq4h-7r42-5hrr

Suggest an improvement
Source
https://github.com/advisories/GHSA-wq4h-7r42-5hrr
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wq4h-7r42-5hrr/GHSA-wq4h-7r42-5hrr.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-wq4h-7r42-5hrr
Aliases
Published
2022-05-27T16:36:51Z
Modified
2024-02-18T05:41:38.830363Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Possible shell escape sequence injection vulnerability in Rack
Details

There is a possible shell escape sequence injection vulnerability in the Lint and CommonLogger components of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-30123.

Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1

Impact

Carefully crafted requests can cause shell escape sequences to be written to the terminal via Rack's Lint middleware and CommonLogger middleware. These escape sequences can be leveraged to possibly execute commands in the victim's terminal.

Impacted applications will have either of these middleware installed, and vulnerable apps may have something like this:

use Rack::Lint

Or

use Rack::CommonLogger

All users running an affected release should either upgrade or use one of the workarounds immediately.

Workarounds

Remove these middleware from your application

Database specific
{
    "nvd_published_at": "2022-12-05T22:15:00Z",
    "cwe_ids": [
        "CWE-150"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-27T16:36:51Z"
}
References

Affected packages

RubyGems / rack

Package

Name
rack
Purl
pkg:gem/rack

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.9.1

Affected versions

0.*

0.1.0
0.2.0
0.3.0
0.4.0
0.9.0
0.9.1

1.*

1.0.0
1.0.1
1.1.0
1.1.1.pre
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.3.0.beta
1.3.0.beta2
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9
1.3.10
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.5.0.beta.1
1.5.0.beta.2
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.6.0.beta
1.6.0.beta2
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.6.10
1.6.11
1.6.12
1.6.13

2.*

2.0.0.alpha
2.0.0.rc1
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9

Database specific

{
    "last_known_affected_version_range": "<= 2.0.9.0"
}

RubyGems / rack

Package

Name
rack
Purl
pkg:gem/rack

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.1
Fixed
2.1.4.1

Affected versions

2.*

2.1.0
2.1.1
2.1.2
2.1.3
2.1.4

Database specific

{
    "last_known_affected_version_range": "<= 2.1.4.0"
}

RubyGems / rack

Package

Name
rack
Purl
pkg:gem/rack

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.2
Fixed
2.2.3.1

Affected versions

2.*

2.2.0
2.2.1
2.2.2
2.2.3

Database specific

{
    "last_known_affected_version_range": "<= 2.2.3.0"
}