CVE-2022-45442

Risk Scores

Affected Products

Exploit Intelligence

• https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf (nist-nvd)
• CIRCL seen: CVE-2022-45442 (circl-sighting)
• https://lists.debian.org/debian-lts-announce/2024/09/msg00020.html (circl)
• https://github.com/sinatra/sinatra/security/advisories/GHSA-2x8x-jmrp-phxw (circl)
• https://github.com/sinatra/sinatra/commit/ea8fc9495a350f7551b39e3025bfcd06f49f363b (circl)
• https://github.com/advisories/GHSA-8x94-hmjh-97hq (circl)
• [debian-lts-announce] 20230110 [SECURITY] [DLA 3264-1] ruby-sinatra security update (circl)

Timeline

• Nov 28, 2022 CVE Published
• Nov 29, 2022 EPSS Score
• Jan 10, 2023 EPSS Score
• Feb 22, 2023 EPSS Score
• Mar 7, 2023 EPSS Score
• Apr 5, 2023 EPSS Score
• May 17, 2023 EPSS Score
• Jun 29, 2023 EPSS Score
• Aug 10, 2023 EPSS Score
• Sep 21, 2023 EPSS Score
• Nov 3, 2023 EPSS Score
• Dec 15, 2023 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0186.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0186 advisory
• https://access.redhat.com/errata/RHSA-2023:0393 advisory
• https://access.redhat.com/errata/RHSA-2023:0397 advisory
• https://access.redhat.com/errata/RHSA-2023:0403 advisory
• https://access.redhat.com/errata/RHSA-2023:0442 advisory
• https://access.redhat.com/errata/RHSA-2023:0427 advisory
• http://linux.oracle.com/errata/ELSA-2023-0403.html advisory
• https://lists.centos.org/pipermail/centos-announce/2023-January/086361.html advisory
• https://access.redhat.com/errata/RHSA-2023:0506 advisory
• https://access.redhat.com/errata/RHSA-2023:0527 advisory
• https://access.redhat.com/errata/RHSA-2023:0857 advisory
• https://access.redhat.com/errata/RHSA-2023:0855 advisory
• https://access.redhat.com/errata/RHSA-2023:0974 advisory
• https://lists.debian.org/debian-lts-announce/2024/09/msg00020.html advisory
• https://ubuntu.com/security/notices/USN-7664-1 advisory