2 matches found
rubygem-puma: rubygem-rails: information leak between requests
A flaw was found in Puma and Rails rubygems when response bodies were not closed under certain situations. This flaw allows an attacker, by iterating certain requests, to take advantage of this issue and affect CurrentAttributes, leading to leaked data...
PT-2022-7649
Name of the Vulnerable Software and Affected Versions Puma versions prior to 5.6.2 Puma version 4.3.11 Rails versions prior to 7.0.2.2 Rails versions prior to 6.1.4.6 Rails versions prior to 6.0.4.6 Rails versions prior to 5.2.6.2 Description The issue is related to information leakage due to Pum...