Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2020:3147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.98507EPSS
Exploits40References10
OpenVAS
OpenVAS
added 2020/04/12 12:0 a.m.29 views

Fedora: Security Advisory for rubygem-puma (FEDORA-2020-fd87f90634)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/10 12:0 a.m.46 views

Fedora 31 : rubygem-puma (2020-fd87f90634)

Security fix for CVE-2020-5247, CVE-2020-5249 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

7.5CVSS7.2AI score0.02487EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/04/10 12:0 a.m.48 views

Fedora 30 : rubygem-puma (2020-08092b4c97)

Security fix for CVE-2020-5247, CVE-2020-5249 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

7.5CVSS7.2AI score0.02487EPSS
Exploits0References3
OSV
OSV
added 2020/03/02 4:15 p.m.27 views

CVE-2020-5249

In Puma RubyGem before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is...

6.5CVSS7.2AI score0.01571EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2020/03/02 4:15 p.m.30 views

CVE-2020-5249

In Puma RubyGem before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is...

6.5CVSS6.7AI score0.01571EPSS
Exploits0References5
CVE
CVE
added 2020/03/02 3:20 p.m.179 views

CVE-2020-5249

CVE-2020-5249 affects Puma RubyGem: untrusted input in an Early Hints header can allow HTTP Response Splitting via a carriage return that ends the header and injects content. Impact: attacking craftable headers or response bodies in vulnerable Puma versions. Affected: Puma before 4.3.3 and 3.12.4...

6.5CVSS6.6AI score0.01571EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2020/03/02 3:20 p.m.43 views

CVE-2020-5249 HTTP Response Splitting (Early Hints) in Puma

In Puma RubyGem before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is...

6.5CVSS6.6AI score0.01571EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2020/03/02 3:20 p.m.44 views

CVE-2020-5249

In Puma RubyGem before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is...

6.5CVSS7AI score0.01571EPSS
Exploits0
Rows per page
Query Builder