Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:OPENSUSE-SU-2024:13720-1
HistoryJun 15, 2024 - 12:00 a.m.

ruby3.3-rubygem-puma-6.4.2-1.1 on GA media

2024-06-1500:00:00
Google
osv.dev
ruby3.3
puma
6.4.2
opensuse tumbleweed
security issues

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

JSON

These are all security issues fixed in the ruby3.3-rubygem-puma-6.4.2-1.1 package on the GA media of openSUSE Tumbleweed.

Related

osv 24
openvas 17
debian 4
nessus 18
rubygems 4
debiancve 5
cve 5
prion 5
ubuntucve 6
cvelist 5
redhatcve 5
veracode 4
cnvd 1
nvd 5
github 4
ubuntu 1
fedora 4
suse 5
gentoo 1
redhat 2
rocky 1
ibm 1
osv
osv
ruby3.1-rubygem-puma-5.6.2-1.1 on GA media
2024-06-15 00:00:00
ruby3.2-rubygem-puma-6.0.0-2.1 on GA media
2024-06-15 00:00:00
puma - security update
2022-05-26 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3023-1)
2022-05-26 00:00:00
Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Windows
2022-02-21 00:00:00
Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Linux
2022-02-21 00:00:00
debian
debian
[SECURITY] [DLA 3023-1] puma security update
2022-05-25 22:50:13
[SECURITY] [DLA 2398-1] puma security update
2020-10-07 11:06:30
[SECURITY] [DSA 5146-1] puma security update
2022-05-24 17:49:53
nessus
nessus
SUSE SLES15 Security Update : rubygem-puma (SUSE-SU-2022:1515-1)
2022-05-05 00:00:00
Debian DLA-3023-1 : puma - LTS security update
2022-05-26 00:00:00
GLSA-202208-28 : Puma: Multiple Vulnerabilities
2022-08-15 00:00:00
rubygems
rubygems
Keepalive thread overload/DoS in puma
2019-12-04 21:00:00
HTTP Smuggling via Transfer-Encoding Header in Puma
2020-05-21 21:00:00
Information Exposure with Puma when used with Rails
2022-02-10 21:00:00
debiancve
debiancve
CVE-2019-16770
2019-12-05 20:15:10
CVE-2020-11076
2020-05-22 15:15:11
CVE-2022-23634
2022-02-11 22:15:07
cve
cve
CVE-2019-16770
2019-12-05 20:15:10
CVE-2022-23634
2022-02-11 22:15:07
CVE-2020-11076
2020-05-22 15:15:11
prion
prion
Code injection
2020-05-22 15:15:00
Spoofing
2019-12-05 20:15:00
Information disclosure
2022-02-11 22:15:00
ubuntucve
ubuntucve
CVE-2019-16770
2019-12-05 00:00:00
CVE-2022-23634
2022-02-11 00:00:00
CVE-2020-11076
2020-05-22 00:00:00
cvelist
cvelist
CVE-2019-16770 Potential DOS attack in Puma
2019-12-05 19:35:14
CVE-2020-11076 HTTP Smuggling via Transfer-Encoding Header in Puma
2020-05-22 14:50:12
CVE-2022-23634 Information Exposure when using Puma with Rails
2022-02-11 21:40:11
redhatcve
redhatcve
CVE-2020-11076
2020-06-01 13:51:44
CVE-2022-23634
2022-02-14 13:37:49
CVE-2019-16770
2020-05-04 20:09:52
veracode
veracode
HTTP Request Smuggling
2020-05-26 05:32:59
Denial Of Service (DoS)
2019-12-06 05:41:17
Information Disclosure
2022-02-14 09:11:49
cnvd
cnvd
Puma Information Breach Vulnerability
2022-02-15 00:00:00
nvd
nvd
CVE-2022-23634
2022-02-11 22:15:07
CVE-2019-16770
2019-12-05 20:15:10
CVE-2020-11076
2020-05-22 15:15:11
github
github
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack
2019-12-05 19:26:37
HTTP Smuggling via Transfer-Encoding Header in Puma
2020-05-22 14:55:05
Puma's Keepalive Connections Causing Denial Of Service
2021-05-18 01:27:15
ubuntu
ubuntu
Puma vulnerabilities
2024-03-07 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: rubygem-puma-4.3.6-1.fc33
2020-09-25 17:18:05
[SECURITY] Fedora 37 Update: rubygem-puma-5.6.5-1.fc37
2022-09-12 17:53:51
[SECURITY] Fedora 35 Update: rubygem-puma-4.3.6-5.fc35
2022-09-07 09:56:59
suse
suse
Security update for rubygem-puma (moderate)
2020-07-18 00:00:00
Security update for rubygem-puma (moderate)
2020-07-18 00:00:00
Security update for rubygem-puma (important)
2022-05-04 00:00:00
gentoo
gentoo
Puma: Multiple Vulnerabilities
2022-08-14 00:00:00
redhat
redhat
(RHSA-2021:4702) Moderate: Satellite 6.10 Release
2021-11-16 13:58:57
(RHSA-2022:5498) Moderate: Satellite 6.11 Release
2022-07-05 13:55:16
rocky
rocky
Satellite 6.11 Release
2022-07-05 13:55:16
ibm
ibm
Security Bulletin: IBM Operational Decision Manager for April 2024 - Multiple CVEs addressed
2024-05-17 04:36:41

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

JSON
Related for OSV:OPENSUSE-SU-2024:13720-1
osv24openvas17debian4nessus18rubygems4debiancve5cve5prion5ubuntucve6cvelist5redhatcve5veracode4cnvd1nvd5github4ubuntu1fedora4suse5gentoo1redhat2rocky1ibm1