CVE-2023-22792.yml
---
gem: actionpack
framework: rails
cve: 2023-22792
ghsa: p84v-45xj-wwqj
url: /~https://github.com/rails/rails/releases/tag/v7.0.4.1
title: ReDoS based DoS vulnerability in Action Dispatch
date: 2023-01-18
description: |
  There is a possible regular expression based DoS vulnerability in Action
  Dispatch. This vulnerability has been assigned the CVE identifier
  CVE-2023-22792.

  Versions Affected: >= 3.0.0
  Not affected: < 3.0.0
  Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1

  # Impact

  Specially crafted cookies, in combination with a specially crafted
  X_FORWARDED_HOST header, can cause the regular expression engine to enter a
  state of catastrophic backtracking. This can cause the process to use large
  amounts of CPU and memory, leading to a possible DoS vulnerability. All users
  running an affected release should either upgrade or use one of the
  workarounds immediately.

  # Workarounds

  We recommend that all users upgrade to one of the FIXED versions. In the
  meantime, users can mitigate this vulnerability by using a load balancer or
  other device to filter out malicious X_FORWARDED_HOST headers before they
  reach the application.
unaffected_versions:
- "< 3.0.0"
patched_versions:
- "~> 5.2.8, >= 5.2.8.15" # Rails LTS
- "~> 6.1.7, >= 6.1.7.1"
- ">= 7.0.4.1"
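The workaround above asks for X_FORWARDED_HOST to be filtered before it reaches the application. As an added example (not code from this advisory database or from Rails), here is a Rack-style middleware that does that filtering in-process: any X-Forwarded-Host value that is over-long, malformed, or not on an operator-supplied allowlist is dropped from the request before the framework sees it. The class name, the allowlist parameter and the length cap are assumptions; upgrading to a fixed version remains the real fix.

```ruby
# Rack-style middleware (any object responding to call(env) works as the app).
# Assumed names: ForwardedHostFilter, allowed_hosts:, MAX_HEADER_LENGTH.
class ForwardedHostFilter
  # Refuse very long values before any pattern matching happens.
  MAX_HEADER_LENGTH = 256
  # Anchored hostname check with an optional port. Labels are separated by
  # literal dots, so the pattern has no ambiguous alternation to backtrack on.
  HOSTNAME = /\A[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*(?::\d{1,5})?\z/

  def initialize(app, allowed_hosts:)
    @app = app
    @allowed = allowed_hosts.map(&:downcase)
  end

  # Strip the header unless every entry in it is acceptable, then pass through.
  def call(env)
    header = env['HTTP_X_FORWARDED_HOST']
    if header && !self.class.acceptable?(header, @allowed)
      env.delete('HTTP_X_FORWARDED_HOST')
    end
    @app.call(env)
  end

  # True only if the raw header is short, each comma-separated entry is a
  # well-formed hostname (optionally with a port), and each hostname is on
  # the allowlist. Returns false for anything else.
  def self.acceptable?(header, allowed)
    return false if header.length > MAX_HEADER_LENGTH
    header.split(',').all? do |entry|
      value = entry.strip
      value.match?(HOSTNAME) && allowed.include?(value.split(':').first.downcase)
    end
  end
end

# Constructed demo: the app reports whether the header survived the filter.
if __FILE__ == $PROGRAM_NAME
  app = ->(env) { [200, {}, [env.key?('HTTP_X_FORWARDED_HOST').to_s]] }
  filter = ForwardedHostFilter.new(app, allowed_hosts: ['example.com'])
  puts filter.call({ 'HTTP_X_FORWARDED_HOST' => 'example.com' })[2].first
  puts filter.call({ 'HTTP_X_FORWARDED_HOST' => 'not-allowed.test' })[2].first
end
```

Mount it early in the middleware stack (before the session and cookie handling) so the header is cleaned before Action Dispatch parses the request.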