cvedb.io
CVE-2022-44570
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2023-02-09T20:15:11.090 · Last modified 2026-06-17T05:08:32.500

Summary

A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted.

Affected products

rack — rack

Does this affect you?

Add your gear to cvedb and we'll alert you only when rack ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.