8 matches found

RubySec
added 2026/05/27 12:0 a.m. | 9 views

Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections

Impact: Puma is vulnerable to source IP spoofing when set_remote_address proxy_protocol: :v1 is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. Support was added to Puma in v5.5.0. A proxy sends one PROXY header at the beginning of a TCP connection, befo...

5.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Debian
added 2024/11/06 3:58 p.m. | 19 views

[SECURITY] [DLA 3947-1] puma security update

Debian LTS Advisory DLA-3947-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 06, 2024 https://wiki.debian.org/LTS ...

7.5 CVSS | 6.6 AI score | 0.00958 EPSS
Exploits: 0

OSV
added 2022/08/28 12:0 a.m. | 41 views

DLA-3083-1 puma - security update

Bulletin has no description...

9.1 CVSS | 6.9 AI score | 0.0214 EPSS
Exploits: 0

OSV
added 2022/05/24 12:0 a.m. | 53 views

DSA-5146-1 puma - security update

Bulletin has no description...

9.1 CVSS | 6.7 AI score | 0.0214 EPSS
Exploits: 0

OSV
added 2021/08/17 3:12 p.m. | 10 views

SUSE-SU-2021:2761-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2021-29509: Incomplete fix for CVE-2019-16770 allows Denial of Service (bsc#1188527)...

7.5 CVSS | 7.5 AI score | 0.01599 EPSS
Exploits: 0 | References: 3

OSV
added 2020/07/28 3:54 p.m. | 7 views

SUSE-SU-2020:2060-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - Add patches for disabling TLSv1.0 and TLSv1.1 (jsc#SLE-6965): - Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077) - Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076) - Add CVE-2020-5247.patch (bsc#1165402) 'Fixes a problem where we were not...

7.5 CVSS | 7.6 AI score | 0.03977 EPSS
Exploits: 0 | References: 9

Kitploit
added 2020/04/11 12:30 p.m. | 262 views

Serverless Prey - Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions

Serverless Prey is a collection of serverless functions (FaaS) that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying container: Panther: AWS Lambda written in Node.js; Cougar: Azure Function written in C#; Cheetah: Google...

7.4 AI score
Exploits: 0 | References: 6

OSV
added 2020/01/13 9:38 a.m. | 12 views

SUSE-SU-2020:0081-1 Security update for crowbar-core, crowbar-openstack, openstack-horizon-plugin-monasca-ui, openstack-monasca-api, openstack-monasca-log-api, openstack-neutron, rubygem-puma, rubygem-rest-client

This update for crowbar-core, crowbar-openstack, openstack-horizon-plugin-monasca-ui, openstack-monasca-api, openstack-monasca-log-api, openstack-neutron, rubygem-puma, rubygem-rest-client contains the following fixes: Security issue fixed for rubygem-puma: - CVE-2019-16770: Fixed a potential...

7.5 CVSS | 6.2 AI score | 0.06457 EPSS
Exploits: 0 | References: 12