3 matches found
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-puma (UTSA-2026-017512)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017512 advisory. In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma...
rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests...
DEBIAN-CVE-2020-11076
In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4...