Ruby versions before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 are vulnerable to an HTTP Response Splitting attack, allowing injection of crafted key and value into the HTTP response for WEBrick server
Reporter | Title | Published | Views | Family All 159 |
---|---|---|---|---|
UbuntuCve | CVE-2017-17742 | 3 Apr 201800:00 | – | ubuntucve |
UbuntuCve | CVE-2019-16254 | 20 Nov 201900:00 | – | ubuntucve |
Veracode | HTTP Response Splitting | 15 Jan 201909:27 | – | veracode |
OSV | CVE-2017-17742 | 3 Apr 201822:29 | – | osv |
OSV | Red Hat Security Advisory: ruby security update | 13 Sep 202419:57 | – | osv |
OSV | CVE-2019-16254 | 26 Nov 201918:15 | – | osv |
OSV | Red Hat Security Advisory: ruby security update | 13 Sep 202419:57 | – | osv |
OSV | Red Hat Security Advisory: ruby security update | 13 Sep 202419:58 | – | osv |
OSV | jruby - security update | 10 Dec 201900:00 | – | osv |
OSV | ruby1.8 - security update | 23 Apr 201800:00 | – | osv |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo