Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
HTTP Request Smuggling in ruby webrick High
CVE-2024-47220 was published for webrick (RubyGems) Sep 22, 2024
renatolond bermannoah
Puma's header normalization allows for client to clobber proxy set headers Moderate
CVE-2024-45614 was published for puma (RubyGems) Sep 20, 2024
WEBRick vulnerable to HTTP Request/Response Smuggling High
CVE-2020-25613 was published for webrick (RubyGems) May 24, 2022
Puma HTTP Request/Response Smuggling vulnerability Moderate
CVE-2024-21647 was published for puma (RubyGems) Jan 8, 2024
bartekn
protocol-http1 HTTP Request/Response Smuggling vulnerability Moderate
CVE-2023-38697 was published for protocol-http1 (RubyGems) Aug 3, 2023
mukeran chenjj
ioquatix
Puma HTTP Request/Response Smuggling vulnerability Critical
CVE-2023-40175 was published for puma (RubyGems) Aug 18, 2023
kenballus
HTTP Smuggling via Transfer-Encoding Header in Puma Moderate
CVE-2020-11077 was published for puma (RubyGems) May 22, 2020
HTTP Smuggling via Transfer-Encoding Header in Puma High
CVE-2020-11076 was published for puma (RubyGems) May 22, 2020
ZeddYu
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling Low
CVE-2021-41136 was published for puma (RubyGems) Oct 12, 2021
asta12 mattiasgrenfeldt
Puma vulnerable to HTTP Request Smuggling Critical
CVE-2022-24790 was published for puma (RubyGems) Mar 30, 2022
zeyu2001
HTTP Request Smuggling in goliath High
CVE-2020-7671 was published for goliath (RubyGems) May 24, 2021
HTTP Request Smuggling in reel High
CVE-2020-7659 was published for reel (RubyGems) May 24, 2021
Withdrawn: HTTP Request Smuggling in Agoo Moderate
CVE-2020-7670 was published for agoo (RubyGems) Oct 20, 2020 withdrawn
ProTip! Advisories are also available from the GraphQL API