CVE-2022-30122: Uncontrolled Resource Consumption
A possible denial-of-service vulnerability exists in the multipart parsing component of Rack, in versions <2.0.9.1, <2.1.4.1 and <2.2.3.1.
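To check whether a project resolves to an affected Rack release, the following added example (not code from the advisory or from the Rack project) reads the locked `rack` version from `Gemfile.lock` text and compares it with the fixed versions listed above. It assumes each bound applies to its own minor series (2.0.x, 2.1.x, 2.2.x) and that releases older than 2.0.9.1 are affected; the function names are hypothetical and the lockfile is constructed sample input.

```ruby
require "rubygems" # provides Gem::Version

# Fixed releases per release line, taken from the advisory text.
# Assumption: each bound applies to its own minor series, and any
# release older than 2.0.9.1 is affected.
FIXED = {
  "2.0" => Gem::Version.new("2.0.9.1"),
  "2.1" => Gem::Version.new("2.1.4.1"),
  "2.2" => Gem::Version.new("2.2.3.1"),
}.freeze

# True when the Rack version predates the fix for its release line.
def rack_affected?(version_string)
  v = Gem::Version.new(version_string)
  fixed = FIXED[v.segments.first(2).join(".")]
  return v < fixed if fixed
  # Series without a listed fix: affected only if older than the 2.0 fix.
  v < FIXED["2.0"]
end

# Extracts the resolved rack version from Gemfile.lock text. Resolved gems
# sit at four spaces of indent; six-space lines are dependency constraints.
def locked_rack_version(lockfile_text)
  lockfile_text[/^ {4}rack \(([^)\s]+)\)\s*$/, 1]
end

def check_lockfile(lockfile_text)
  version = locked_rack_version(lockfile_text)
  return :rack_not_found unless version
  rack_affected?(version) ? :affected : :not_affected
end

# Constructed sample lockfile, for illustration only.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      rack (2.2.3)
      rack-test (1.1.0)
        rack (>= 1.0, < 3)

  DEPENDENCIES
    rack-test
LOCK

puts "rack #{locked_rack_version(SAMPLE_LOCK)}: #{check_lockfile(SAMPLE_LOCK)}"
```

Pass `File.read("Gemfile.lock")` to `check_lockfile` to run the same check against a real project.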
References
- discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729
- github.com/advisories/GHSA-hxqx-xwvh-44m2
- github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
- groups.google.com/g/ruby-security-ann/c/L2Axto442qk
- nvd.nist.gov/vuln/detail/CVE-2022-30122