CVE-2023-22795

Name
CVE-2023-22795
Description
A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.
NVD Severity
unknown
Forges
GitHub (code, issues), Aports (code, issues)

References

| Type | URI |
| --- | --- |
| MISC | https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118 |
| Third Party Advisory | https://www.debian.org/security/2023/dsa-5372 |
| support@hackerone.com | https://security.netapp.com/advisory/ntap-20240202-0010/ |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* | rails | >= 7.0.0 | < 7.0.4.1 |
| cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* | rails | >= 6.1.0 | < 6.1.7.1 |
| cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | ruby | >= None | < 3.2.0 |
| cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* | rails | >= None | < 6.1.7.1 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| ruby | 3.17-main | 3.1.4-r0 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |
| ruby | 3.16-main | 3.1.4-r0 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |
| ruby | 3.15-main | 3.0.6-r0 | Jakub Jirutka <jakub@jirutka.cz> | possibly vulnerable |
| ruby | 3.14-main | 2.7.8-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |