Sha256: 169348d23db37c504ae89cbcebabefc81fe8ef37e25e04a704eef2a860e8579c
Contents?: true
Size: 523 Bytes
Versions: 1
Compression:
Stored size: 523 Bytes
Contents
--- gem: puma cve: 2020-11076 ghsa: x7jg-6pwg-fx5h url: https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h date: 2020-05-22 title: HTTP Smuggling via Transfer-Encoding Header in Puma description: |- ### Impact By using an invalid transfer-encoding header, an attacker could [smuggle an HTTP response.](https://portswigger.net/web-security/request-smuggling) ### Patches The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. cvss_v3: 7.5 patched_versions: - "~> 3.12.5" - ">= 4.3.4"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/puma/CVE-2020-11076.yml |