Lucene search
K

5 matches found

CVE
CVE
added 2024/09/22 12:0 a.m.372 views

CVE-2024-47220

The CVE-2024-47220 issue affects the WEBrick toolkit in Ruby (through 1.8.1). It enables HTTP request smuggling by sending both Content-Length and Transfer-Encoding in the same request, e.g., a crafted GET line embedded in a POST request. The advisory notes WEBrick should not be used in productio...

7.2AI score0.00393EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.3 views

SUSE CVE-2008-1891

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing 1 + plus, 2 %2b encode...

5CVSS7AI score0.02813EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.4 views

SUSE CVE-2010-0541

Cross-site scripting XSS vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...

4.3CVSS6.6AI score0.02814EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/02/28 5:15 p.m.39 views

CVE-2020-5247

In Puma RubyGem before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters i.e. CR, LF or/r, /n to end the header and inject malicious content, such as additional headers or an entirely new response body. This...

7.5CVSS6.6AI score0.02487EPSS
Exploits0References6
Prion
Prion
added 2020/02/28 5:15 p.m.33 views

Cross site scripting

In Puma RubyGem before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters i.e. CR, LF or/r, /n to end the header and inject malicious content, such as additional headers or an entirely new response body. This...

5CVSS6.1AI score0.04569EPSS
Exploits0References7Affected Software4
Rows per page
Query Builder