Ruby through 2.4.7 2.5.x through 2.5.6 and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header an attacker can exploit it to insert a newline character to split a header and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742 which addressed the CRLF vector but did not address an isolated CR or an isolated LF.

🗓️ 25 Sep 2020 07:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 2 Views

Ruby WEBrick versions allow HTTP header splitting from untrusted input due to CVE 2017 17742 fix.

Reporter	Title	Published	Views	Family All 313
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze	24 Jul 202021:16	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities affect IBM Cloud Foundry Migration Runtime	13 Oct 202114:44	–	ibm
Tenable Nessus	macOS 10.13.x < 10.13.6 Multiple Vulnerabilities	10 Apr 201900:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ruby (ALAS-2019-1276)	28 Aug 201900:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ruby (ALAS-2024-2486)	5 Mar 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ruby (ALASRUBY2.6-2023-007)	27 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : ruby20 / ruby22,ruby23,ruby24 (ALAS-2018-983)	6 Apr 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : ruby24 (ALAS-2020-1422)	31 Aug 202000:00	–	nessus
Tenable Nessus	AlmaLinux 8 : ruby:2.6 (ALSA-2021:2588)	7 Aug 202300:00	–	nessus
Tenable Nessus	CentOS 8 : ruby:2.5 (CESA-2021:2587)	29 Jun 202100:00	–	nessus

Vulners

Node

microsoft cm1_ruby_2.6.7-1Range<2.6.7-1

25 Sep 2020 07:00Current

8.1High risk

Vulners AI Score8.1

CVSS 25

CVSS 35.3

CVSS 3.15.3

EPSS0.01152

ruby webrick http header splitting untrusted input vulnerability 2017 17742