CVE-2022-30123

Summary

A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.

Affected Software

VendorProductVersion RangeStatus
n/ahttps://github.com/rack/rack2.0.9.1, 2.1.4.1, 2.2.3.1affected

Weaknesses

  • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150)

ADP Enrichment

CVE Program Container

Additional References

References