CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/06/27 12:0 a.m.•11 views

Ruby WEBrick < 1.8.2 HTTP Request Smuggling

The version of the WEBrick Ruby library installed on the remote host is prior to 1.8.2. It is, therefore, affected by an HTTP request smuggling vulnerability in the readheader. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick...

OSV•added 2025/06/26 9:31 p.m.•3 views

Exploits0References3

GHSA-R995-Q44H-HR64 Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

6.5CVSS6.9AI score0.00257EPSS

Exploits0References5

Github Security Blog•added 2025/06/26 9:31 p.m.•11 views

Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

6.5CVSS6.9AI score0.00257EPSS

Exploits0References5Affected Software1

RubySec•added 2025/06/26 12:0 a.m.•11 views

Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

Exploits0References1Affected Software1

CVE-2025-6442

5.9CVSS6.9AI score

OSV•added 2025/06/25 5:15 p.m.•2 views

AZL-64367 CVE-2025-6442 affecting package rubygem-webrick for versions less than 1.7.0-2

OSV•added 2025/06/25 5:15 p.m.•1 views

AZL-64364 CVE-2025-6442 affecting package ruby for versions less than 3.1.7-2

AZL-64355 CVE-2025-6442 affecting package rubygem-webrick for versions less than 1.8.1-2

AlpineLinux•added 2025/06/25 5:15 p.m.•2 views

CVE-2025-6442

6.5CVSS6.6AI score0.00257EPSS

DEBIAN-CVE-2025-6442

NVD•added 2025/06/25 5:15 p.m.•5 views

CVE-2025-6442

6.5CVSS0.00257EPSS

AZL-64352 CVE-2025-6442 affecting package ruby for versions less than 3.3.5-4

CVE•added 2025/06/25 4:52 p.m.•55 views

CVE-2025-6442

CVE-2025-6442 affects Ruby WEBrick: the vulnerability is a flaw in read_headers that causes inconsistent termination parsing of HTTP headers, enabling HTTP request smuggling under certain proxy conditions. Affected are Ruby WEBrick and Rubygem-WeBrick components across several platforms (e.g., Ru...

Exploits0References2Affected Software1

Cvelist•added 2025/06/25 4:52 p.m.•4 views

CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability

6.5CVSS0.00257EPSS

Vulnrichment•added 2025/06/25 4:52 p.m.•2 views

CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability

6.5CVSS6.6AI score0.00257EPSS

Debian CVE•added 2025/06/25 4:52 p.m.•5 views

CVE-2025-6442

6.5CVSS6.6AI score0.00257EPSS

Exploits0

SUSE CVE•added 2025/06/24 11:24 p.m.•1 views

SUSE CVE-2025-6442

Positive Technologies•added 2025/06/23 12:0 a.m.•2 views

Exploits0References6

PT-2025-26617 · Ruby +1 · Ruby Webrick +1

Name of the Vulnerable Software and Affected Versions: Ruby WEBrick affected versions not specified Description: The issue concerns an HTTP Request Smuggling Vulnerability in Ruby WEBrick's read header function. No information is provided about the estimated number of potentially affected devices...

6.5CVSS6.2AI score0.00257EPSS

Exploits0References26

Zero Day Initiative•added 2025/06/23 12:0 a.m.•2 views

Ruby WEBrick read_header HTTP Request Smuggling Vulnerability

This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the readheaders method. The issue...