Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2022-30123

A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.

Related bugs and status

CVE-2022-30123 (Candidate) is related to these bugs:

Bug #1990575: [MIR] Promote ruby-rack to main as a pcs indirect dependency

Summary				In	Importance	Status
	1990575	[MIR] Promote ruby-rack to main as a pcs indirect dependency		ruby-rack (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://discuss.rubyon...
DEBIAN: DSA-5530
GENTOO: GLSA-202310-18
CONFIRM: https://security.netap...