[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-44571":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":94,"aliases":95,"duplicate_of":9,"upstream":96,"downstream":97,"duplicates":138,"related":139,"reserved_at":9,"published_at":153,"modified_at":154,"state":155,"summary":156,"references_raw":165,"kevs":181,"epss":182,"epss_history":185,"metrics":450,"affected":456},"CVE-2022-44571","There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly resulting in a denial ofservice attack vector. This header is used typically used in multipartparsing. Any applications that parse multipart posts using Rack (virtuallyall Rails applications) are impacted.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-1333","Inefficient Regular Expression Complexity","The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.","weakness","Draft","Base","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-492","Regular Expression Exponential Blowup",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":16,"abstraction":28,"likelihood_of_exploit":18,"capec":29},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","Class",[30,34,92],{"id":31,"name":32,"techniques":33},"CAPEC-147","XML Ping of the Death",[],{"id":35,"name":36,"techniques":37},"CAPEC-227","Sustained Client Engagement",[38],{"id":39,"name":40,"tactics":41,"countermeasures":45},"T1499","Endpoint Denial of Service",[42],{"id":43,"name":44},"TA0105","Impact",[46,51,55,59,63,67,71,75,79,83,88],{"id":47,"name":48,"tactic":49},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":50},"Detect",{"id":52,"name":53,"tactic":54},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":50},{"id":56,"name":57,"tactic":58},"D3-CSPP","Client-server Payload Profiling",{"name":50},{"id":60,"name":61,"tactic":62},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":50},{"id":64,"name":65,"tactic":66},"D3-NTSA","Network Traffic Signature Analysis",{"name":50},{"id":68,"name":69,"tactic":70},"D3-APCA","Application Protocol Command Analysis",{"name":50},{"id":72,"name":73,"tactic":74},"D3-NTCD","Network Traffic Community Deviation",{"name":50},{"id":76,"name":77,"tactic":78},"D3-RTSD","Remote Terminal Session Detection",{"name":50},{"id":80,"name":81,"tactic":82},"D3-ISVA","Inbound Session Volume Analysis",{"name":50},{"id":84,"name":85,"tactic":86},"D3-NTF","Network Traffic Filtering",{"name":87},"Isolate",{"id":89,"name":90,"tactic":91},"D3-ITF","Inbound Traffic Filtering",{"name":87},{"id":21,"name":22,"techniques":93},[],[],[],[],[98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136],{"_key":99},"OPENSUSE-SU-2025:14875-1",{"_key":101},"SUSE-SU-2023:0649-1",{"_key":103},"UBUNTU-CVE-2022-44571",{"_key":105},"USN-7036-1",{"_key":107},"SUSE-SU-2023:0276-1",{"_key":109},"OPENSUSE-SU-2024:12633-1",{"_key":111},"OPENSUSE-SU-2024:12634-1",{"_key":113},"OPENSUSE-SU-2024:12974-1",{"_key":115},"OPENSUSE-SU-2024:13167-1",{"_key":117},"OPENSUSE-SU-2024:13726-1",{"_key":119},"OPENSUSE-SU-2024:13727-1",{"_key":121},"OPENSUSE-SU-2025:14811-1",{"_key":123},"DLA-3298-1",{"_key":125},"DSA-5530-1",{"_key":127},"OPENSUSE-SU-2026:10358-1",{"_key":129},"OPENSUSE-SU-2026:10286-1",{"_key":131},"MGASA-2023-0106",{"_key":133},"DEBIAN-CVE-2022-44571",{"_key":135},"USN-5910-1",{"_key":137},"RHSA-2023:6818",[],[140,141,142,143,144,145,146,147,148,149,150,151,152],{"_key":99},{"_key":101},{"_key":107},{"_key":109},{"_key":111},{"_key":113},{"_key":115},{"_key":117},{"_key":119},{"_key":121},{"_key":127},{"_key":129},{"_key":131},"2023-02-09T00:00:00.000Z","2024-08-03T13:54:03.839Z","Modified",{"cisa_kev":157,"cisa_ransomware":157,"cisa_vendor":9,"epss_severity":158,"epss_score":159,"severity":160,"severity_score":161,"severity_version":162,"severity_source":163,"severity_vector":164,"severity_status":155},false,"low",0.03121,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[166,173,177],{"url":167,"sources":168,"tags":170},"https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126",[169,163],"cve.org",[171,172],"Patch","Vendor Advisory",{"url":174,"sources":175,"tags":176},"https://www.debian.org/security/2023/dsa-5530",[169,163],[172],{"url":178,"sources":179,"tags":180},"https://security.netapp.com/advisory/ntap-20231208-0013/",[169,163],[],[],{"date":183,"score":159,"percentile":184},"2026-06-04",0.87087,[186,190,193,196,199,202,205,207,210,213,216,219,221,224,227,231,234,237,241,244,247,250,253,256,258,261,264,267,271,274,277,280,283,285,288,291,294,297,300,303,307,310,313,315,318,320,323,326,329,332,334,337,340,343,346,349,351,354,357,361,364,367,370,373,375,378,381,383,386,389,392,395,397,399,402,405,408,411,414,416,419,422,425,428,431,434,437,440,443,446],{"date":187,"score":188,"percentile":189},"2025-11-04",0.03145,0.86362,{"date":191,"score":188,"percentile":192},"2025-11-05",0.86365,{"date":194,"score":188,"percentile":195},"2025-11-06",0.86363,{"date":197,"score":188,"percentile":198},"2025-11-07",0.86371,{"date":200,"score":188,"percentile":201},"2025-11-08",0.86375,{"date":203,"score":188,"percentile":204},"2025-11-09",0.86369,{"date":206,"score":188,"percentile":204},"2025-11-10",{"date":208,"score":188,"percentile":209},"2025-11-11",0.86374,{"date":211,"score":188,"percentile":212},"2025-11-12",0.8638,{"date":214,"score":188,"percentile":215},"2025-11-13",0.86385,{"date":217,"score":188,"percentile":218},"2025-11-14",0.86388,{"date":220,"score":188,"percentile":212},"2025-11-15",{"date":222,"score":188,"percentile":223},"2025-11-16",0.86382,{"date":225,"score":188,"percentile":226},"2025-11-17",0.86372,{"date":228,"score":229,"percentile":230},"2025-11-18",0.02765,0.84739,{"date":232,"score":229,"percentile":233},"2025-11-19",0.84738,{"date":235,"score":229,"percentile":236},"2025-11-20",0.84744,{"date":238,"score":239,"percentile":240},"2025-11-21",0.02847,0.85745,{"date":242,"score":239,"percentile":243},"2025-11-22",0.85739,{"date":245,"score":239,"percentile":246},"2025-11-23",0.8573,{"date":248,"score":239,"percentile":249},"2025-11-24",0.85731,{"date":251,"score":239,"percentile":252},"2025-11-25",0.85728,{"date":254,"score":239,"percentile":255},"2025-11-26",0.85729,{"date":257,"score":239,"percentile":255},"2025-11-27",{"date":259,"score":239,"percentile":260},"2025-11-28",0.85707,{"date":262,"score":239,"percentile":263},"2025-11-29",0.85762,{"date":265,"score":239,"percentile":266},"2025-11-30",0.85761,{"date":268,"score":269,"percentile":270},"2025-12-01",0.02072,0.83472,{"date":272,"score":269,"percentile":273},"2025-12-02",0.83473,{"date":275,"score":269,"percentile":276},"2025-12-03",0.83476,{"date":278,"score":188,"percentile":279},"2025-12-04",0.8642,{"date":281,"score":188,"percentile":282},"2025-12-05",0.86424,{"date":284,"score":188,"percentile":279},"2025-12-06",{"date":286,"score":188,"percentile":287},"2025-12-07",0.86412,{"date":289,"score":188,"percentile":290},"2025-12-08",0.86413,{"date":292,"score":188,"percentile":293},"2025-12-09",0.86421,{"date":295,"score":188,"percentile":296},"2025-12-10",0.86442,{"date":298,"score":188,"percentile":299},"2025-12-11",0.86449,{"date":301,"score":188,"percentile":302},"2025-12-12",0.86453,{"date":304,"score":305,"percentile":306},"2025-12-13",0.02905,0.85926,{"date":308,"score":305,"percentile":309},"2025-12-14",0.85916,{"date":311,"score":305,"percentile":312},"2025-12-15",0.8591,{"date":314,"score":305,"percentile":309},"2025-12-16",{"date":316,"score":305,"percentile":317},"2025-12-17",0.85921,{"date":319,"score":305,"percentile":306},"2025-12-18",{"date":321,"score":305,"percentile":322},"2025-12-19",0.8593,{"date":324,"score":305,"percentile":325},"2025-12-20",0.85928,{"date":327,"score":305,"percentile":328},"2025-12-21",0.85932,{"date":330,"score":305,"percentile":331},"2025-12-22",0.85925,{"date":333,"score":305,"percentile":322},"2025-12-23",{"date":335,"score":305,"percentile":336},"2025-12-24",0.85935,{"date":338,"score":305,"percentile":339},"2025-12-25",0.85947,{"date":341,"score":305,"percentile":342},"2025-12-26",0.85948,{"date":344,"score":305,"percentile":345},"2025-12-27",0.85998,{"date":347,"score":305,"percentile":348},"2025-12-28",0.8594,{"date":350,"score":305,"percentile":336},"2025-12-29",{"date":352,"score":305,"percentile":353},"2025-12-30",0.85943,{"date":355,"score":305,"percentile":356},"2025-12-31",0.85951,{"date":358,"score":359,"percentile":360},"2026-01-01",0.02252,0.84236,{"date":362,"score":359,"percentile":363},"2026-01-02",0.84233,{"date":365,"score":359,"percentile":366},"2026-01-03",0.84227,{"date":368,"score":305,"percentile":369},"2026-01-04",0.8595,{"date":371,"score":305,"percentile":372},"2026-01-05",0.85949,{"date":374,"score":305,"percentile":356},"2026-01-06",{"date":376,"score":188,"percentile":377},"2026-01-07",0.86487,{"date":379,"score":188,"percentile":380},"2026-01-08",0.86494,{"date":382,"score":188,"percentile":380},"2026-01-09",{"date":384,"score":188,"percentile":385},"2026-01-10",0.86493,{"date":387,"score":188,"percentile":388},"2026-01-11",0.86488,{"date":390,"score":188,"percentile":391},"2026-01-12",0.86484,{"date":393,"score":188,"percentile":394},"2026-01-13",0.8648,{"date":396,"score":188,"percentile":385},"2026-01-14",{"date":398,"score":188,"percentile":385},"2026-01-15",{"date":400,"score":188,"percentile":401},"2026-01-16",0.86497,{"date":403,"score":188,"percentile":404},"2026-01-17",0.86499,{"date":406,"score":188,"percentile":407},"2026-01-18",0.865,{"date":409,"score":188,"percentile":410},"2026-01-19",0.86495,{"date":412,"score":188,"percentile":413},"2026-01-20",0.86489,{"date":415,"score":188,"percentile":410},"2026-01-21",{"date":417,"score":188,"percentile":418},"2026-01-22",0.86501,{"date":420,"score":188,"percentile":421},"2026-01-23",0.86518,{"date":423,"score":188,"percentile":424},"2026-01-24",0.86525,{"date":426,"score":188,"percentile":427},"2026-01-25",0.8652,{"date":429,"score":188,"percentile":430},"2026-01-26",0.86517,{"date":432,"score":188,"percentile":433},"2026-01-27",0.86519,{"date":435,"score":188,"percentile":436},"2026-01-28",0.86522,{"date":438,"score":188,"percentile":439},"2026-01-29",0.86524,{"date":441,"score":188,"percentile":442},"2026-01-30",0.86528,{"date":444,"score":188,"percentile":445},"2026-01-31",0.8653,{"date":447,"score":448,"percentile":449},"2026-02-01",0.02441,0.84873,[451],{"source":163,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":9},{"baseScore":161,"baseSeverity":453,"vectorString":164,"impactScore":454,"exploitabilityScore":455},"HIGH",6,10,[457],{"ecosystem":9,"name":458,"vendor":458,"product":458,"cpe_part":459,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":460},"rack","a",[461,469,473,477],{"version":462,"is_range":463,"range_type":464,"version_start":465,"version_start_type":466,"version_end":467,"version_end_type":468,"fixed_in":9},"gte2.0.0_lt2.0.9.2",true,"cpe","2.0.0","including","2.0.9.2","excluding",{"version":470,"is_range":463,"range_type":464,"version_start":471,"version_start_type":466,"version_end":472,"version_end_type":468,"fixed_in":9},"gte2.1.0_lt2.1.4.2","2.1.0","2.1.4.2",{"version":474,"is_range":463,"range_type":464,"version_start":475,"version_start_type":466,"version_end":476,"version_end_type":468,"fixed_in":9},"gte2.2.0_lt2.2.6.1","2.2.0","2.2.6.1",{"version":478,"is_range":463,"range_type":464,"version_start":479,"version_start_type":466,"version_end":480,"version_end_type":468,"fixed_in":9},"gte3.0.0.0_lt3.0.4.1","3.0.0.0","3.0.4.1"]