4 matches found
Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections
Impact Puma is vulnerable to source IP spoofing when setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. Support was added to Puma in v5.5.0. A proxy sends one PROXY header at the beginning of a TCP connection, befo...
User Impersonation
Overview puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as as providing process...
CVE-2026-42626
HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...
CVE-2026-42626
HP ENVY 5000 series printers (VERBASPP1N003.2237A.00) are affected by a DoS condition caused by improper management of concurrent TCP connections to port 9100 (JetDirect/RAW printing). An unauthenticated remote attacker on the same network can establish a persistent connection and send keep-alive...