4 matches found

OSV
added 2024/10/12 11:9 a.m. | 2 views

OESA-2024-2249 rubygem-puma security update

A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Security Fixes: Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing an underscore version...

CVSS 5.4 | AI score 6.8 | EPSS 0.00803
Exploits: 0 | References: 2

OSV
added 2024/10/12 11:9 a.m. | 1 views

OESA-2024-2251 rubygem-puma security update

A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Security Fixes: Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing an underscore version...

CVSS 5.4 | AI score 6.8 | EPSS 0.00803
Exploits: 0 | References: 2

SUSE CVE
added 2024/09/21 3:22 a.m. | 2 views

SUSE CVE-2024-45614

Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies such as X-Forwarded-For by providing an underscore version of the same header, X-Forwarded_For. Any users relying on proxy-set variables are affected. v6.4.3/v5.6.9 now...

CVSS 5.4 | AI score 6.8 | EPSS 0.00803
Exploits: 0 | References: 8

CNNVD
added 2024/09/19 12:0 a.m. | 1 views

Puma security vulnerability

Puma is a web server for highly concurrent applications by Evan Phoenix, an individual developer in the United States. A security vulnerability exists in Puma versions prior to 6.4.3, which stems from a client being able to override values set by an intermediate proxy by supplying an underscored...

CVSS 5.4 | AI score 6 | EPSS 0.00803
Exploits: 0 | References: 4