AZL-64364 CVE-2025-6442 affecting package ruby for versions less than 3.1.7-2
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
AZL-64367 CVE-2025-6442 affecting package rubygem-webrick for versions less than 1.7.0-2
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
UBUNTU-CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2025-6442
CVE-2025-6442 affects Ruby WEBrick: the vulnerability is a flaw in read_headers that causes inconsistent termination parsing of HTTP headers, enabling HTTP request smuggling under certain proxy conditions. Affected are Ruby WEBrick and Rubygem-WeBrick components across several platforms (e.g., Ru...
CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
Webrick Environment Issue Vulnerability
Webrick is an HTTP server toolkit open-sourced by The Ruby Programming Language. Webrick suffers from an environment issue vulnerability that stems from inconsistent parsing of HTTP header terminators by the read_headers method, which could lead to an HTTP request entrapment attack...
ROS-20250625-04
A vulnerability in the Ruby on Rails software platform is related to a CSRF vulnerability in the rails-ujs module. Exploitation of the vulnerability could allow an attacker acting remotely to send CSRF tokens to the wrong domains. invalid domains...
ROS-20250625-05
Vulnerability of components from mem_cache_store.rb and redis_cache_store.rb of Ruby on Rails software platform is related to recovery of invalid data structure in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, as we...
ROS-20250625-07
Vulnerability of translate function from translation_helper.rb of Ruby on Rails software platform is related to flaws in the measures used to protect web page structures. Exploitation of the vulnerability allows an attacker acting remotely to affect data integrity...
ROS-20250625-03
Vulnerability of each_pair function from strong_parameters.rb of Ruby on Rails software platform is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential data. Vulnerability in Ruby on Rails software...
SUSE CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the read_headers method. The issue...
The vulnerability of the Ruby interpreter’s Rack module’s interface allows a hacker to trigger a service failure.
The vulnerability of the Ruby interpreter’s Rack module interface is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
PT-2025-26617 · Ruby +1 · Ruby Webrick +1
Name of the Vulnerable Software and Affected Versions: Ruby WEBrick (affected versions not specified). Description: The issue concerns an HTTP Request Smuggling Vulnerability in Ruby WEBrick's read header function. No information is provided about the estimated number of potentially affected devices...
The vulnerability of the Ruby interpreter’s Rack module’s interface allows a hacker to trigger a service failure.
The vulnerability of the Ruby interpreter’s Rack module interface is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Ruby interpreter’s Rack module’s interface allows a hacker to trigger a service failure.
The vulnerability of the Ruby interpreter’s Rack module interface is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...