Lucene search
+L

5 matches found

SUSE Linux
SUSE Linux
added 2025/10/07 11:34 a.m.6 views

Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. CVE-2024-21647: unbounded resource consumpti...

7.3CVSS6.8AI score0.00958EPSS
Exploits0References12
OSV
OSV
added 2025/10/07 11:34 a.m.5 views

SUSE-SU-2025:03467-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...

9.8CVSS6.4AI score0.00958EPSS
Exploits0References7
OSV
OSV
added 2025/10/07 11:33 a.m.3 views

SUSE-SU-2025:03466-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...

9.8CVSS6.4AI score0.00958EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2024/10/16 6:55 a.m.4 views

Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: CVE-2024-45614: Prevent underscores from clobbering hyphen headers bsc1230848. CVE-2024-21647: Fixed DoS when parsing chunked Transfer-Encoding bodies bsc1218638. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.3CVSS6.5AI score0.00958EPSS
Exploits0References8
OSV
OSV
added 2024/09/19 10:42 p.m.28 views

CVE-2024-45614 Header normalization allows for client to clobber proxy set headers in Puma

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing a underscore version of the same header X-ForwardedFor. Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now...

5.4CVSS6AI score0.00646EPSS
Exploits0References5
Rows per page
Query Builder