MGASA-2022-0252

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2022-30122 CVE-2022-30123

Published: 05 Jul 2022, 19:11

Last modified:16 Apr 2026, 04:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Jul 2022, 19:11

Published

Vulnerability first disclosed

16 Apr 2026, 04:23

Last Modified

Vulnerability information updated

Description

Updated ruby-rack packages fix security vulnerability Crafted multipart POST request may cause a DoS (CVE-2022-30122) Crafted requests can cause shell escape sequences (CVE-2022-30123)

Affected Systems

mageia•ruby-rack
< 2.2.3.1-1.mga8

References (5)

https://advisories.mageia.org/MGASA-2022-0252.html
https://bugs.mageia.org/show_bug.cgi?id=30584
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YUVA3VLO4OV257BQFK2XW3NHYOE2V7GX/
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30123.yml