CVE-2024-45614

19 Sep 2024 23:11:15 | Reported by GitHub_M | Type: cve | Source: web.nvd.nist.gov

The Puma Ruby/Rack web server allows clients to clobber proxy-defined header values by sending an underscore version of the same header, potentially impacting user security. Upgrading to v6.4.3/v5.6.9 or configuring Nginx mitigates this issue.

Related
Reporter | Title | Published | Family
OSV | CGA-2r2f-jcxj-hqjf | 18 Nov 2024 17:18 | osv
OSV | CVE-2024-45614 | 19 Sep 2024 23:15 | osv
OSV | CGA-7qjr-6v4f-v99j | 22 Sep 2024 14:21 | osv
OSV | UBUNTU-CVE-2024-45614 | 20 Sep 2024 00:00 | osv
OSV | Puma's header normalization allows for client to clobber proxy set headers | 20 Sep 2024 14:40 | osv
OSV | ruby3.3-rubygem-puma-6.4.3-1.1 on GA media | 7 Nov 2024 00:00 | osv
OSV | puma vulnerability | 24 Sep 2024 13:16 | osv
OSV | puma vulnerability | 24 Sep 2024 15:04 | osv
OSV | puma - security update | 6 Nov 2024 00:00 | osv
OSV | Security update for rubygem-puma | 16 Oct 2024 06:55 | osv
Affected

Vendor: puma | Product: puma | Range: < 5.6.9 | ruby
OR
Vendor: puma | Product: puma | Range: 6.0.0 to 6.4.3 | ruby
[
  {
    "vendor": "puma",
    "product": "puma",
    "versions": [
      {
        "version": ">= 6.0.0, < 6.4.3",
        "status": "affected"
      },
      {
        "version": "< 5.6.9",
        "status": "affected"
      }
    ]
  }
]

19 Sep 2024 23:15 (current)
Vulners AI Score: 5.6 (Medium risk)
CVSS3: 5.4
EPSS: 0.001