Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:gem/rack@2.1.4.2

Type gem

Namespace

Name rack

Version 2.1.4.2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.1.4.3

Latest_non_vulnerable_version 3.2.5

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-c9mc-7nts-cfgy

vulnerability_id VCID-c9mc-7nts-cfgy

summary

Duplicate
This advisory duplicates another.

references

reference_url	https://github.com/rack/rack/releases/tag/v3.0.4.1
reference_id
reference_type
scores
url	https://github.com/rack/rack/releases/tag/v3.0.4.1

reference_url	https://hackerone.com/reports/1639882
reference_id
reference_type
scores
url	https://hackerone.com/reports/1639882

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-44572
reference_id	CVE-2022-44572
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-44572

reference_url	https://github.com/advisories/GHSA-rqv2-275x-2jq5
reference_id	GHSA-rqv2-275x-2jq5
reference_type
scores
url	https://github.com/advisories/GHSA-rqv2-275x-2jq5

fixed_packages

url	pkg:gem/rack@2.0.9.2
purl	pkg:gem/rack@2.0.9.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.2

url	pkg:gem/rack@2.1.4.2
purl	pkg:gem/rack@2.1.4.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2

url	pkg:gem/rack@2.2.5
purl	pkg:gem/rack@2.2.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.5

aliases CVE-2022-44572, GHSA-rqv2-275x-2jq5, GMS-2023-66

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9mc-7nts-cfgy

url VCID-ebb6-b5tx-5bhf

vulnerability_id VCID-ebb6-b5tx-5bhf

summary

Duplicate
This advisory duplicates another.

references

reference_url	https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126
reference_id
reference_type
scores
url	https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126

reference_url	https://github.com/rack/rack/releases/tag/v3.0.4.1
reference_id
reference_type
scores
url	https://github.com/rack/rack/releases/tag/v3.0.4.1

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-44571
reference_id	CVE-2022-44571
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-44571

reference_url	https://github.com/advisories/GHSA-93pm-5p5f-3ghx
reference_id	GHSA-93pm-5p5f-3ghx
reference_type
scores
url	https://github.com/advisories/GHSA-93pm-5p5f-3ghx

fixed_packages

url	pkg:gem/rack@2.0.9.2
purl	pkg:gem/rack@2.0.9.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.2

url	pkg:gem/rack@2.1.4.2
purl	pkg:gem/rack@2.1.4.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2

url	pkg:gem/rack@2.2.6.1
purl	pkg:gem/rack@2.2.6.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.6.1

url	pkg:gem/rack@3.0.4.1
purl	pkg:gem/rack@3.0.4.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@3.0.4.1

aliases CVE-2022-44571, GHSA-93pm-5p5f-3ghx, GMS-2023-65

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebb6-b5tx-5bhf

url VCID-mgx9-9bua-37f3

vulnerability_id VCID-mgx9-9bua-37f3

summary

Duplicate
This advisory duplicates another.

references

reference_url	https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125
reference_id
reference_type
scores
url	https://discuss.rubyonrails.org/t/cve-2022-44570-possible-denial-of-service-vulnerability-in-racks-range-header-parsing/82125

reference_url	https://github.com/rack/rack
reference_id
reference_type
scores
url	https://github.com/rack/rack

reference_url	https://github.com/rack/rack/releases/tag/v3.0.4.1
reference_id
reference_type
scores
url	https://github.com/rack/rack/releases/tag/v3.0.4.1

reference_url	https://security.netapp.com/advisory/ntap-20231208-0010
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20231208-0010

reference_url	https://www.debian.org/security/2023/dsa-5530
reference_id
reference_type
scores
url	https://www.debian.org/security/2023/dsa-5530

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-44570
reference_id	CVE-2022-44570
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-44570

reference_url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44570.yml
reference_id	CVE-2022-44570.YML
reference_type
scores
url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44570.yml

reference_url	https://github.com/advisories/GHSA-65f5-mfpf-vfhj
reference_id	GHSA-65f5-mfpf-vfhj
reference_type
scores
url	https://github.com/advisories/GHSA-65f5-mfpf-vfhj

fixed_packages

url	pkg:gem/rack@2.0.9.2
purl	pkg:gem/rack@2.0.9.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.2

url	pkg:gem/rack@2.1.4.2
purl	pkg:gem/rack@2.1.4.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2

url	pkg:gem/rack@2.2.6.2
purl	pkg:gem/rack@2.2.6.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.6.2

url	pkg:gem/rack@3.0.4.1
purl	pkg:gem/rack@3.0.4.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/rack@3.0.4.1

aliases CVE-2022-44570, GHSA-65f5-mfpf-vfhj, GMS-2023-64

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgx9-9bua-37f3

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2

Package Instance