Описание
Pitchfork is a preforking HTTP server for Rack applications. Versions prior to 0.11.0 are vulnerable to HTTP Response Header Injection when used in conjunction with Rack 3. The issue was fixed in Pitchfork release 0.11.0. No known workarounds are available.
EPSS
Процентиль: 51%
0.00278
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-113
Связанные уязвимости
CVSS3: 4.3
github
11 месяцев назад
Pitchfork HTTP Request/Response Splitting vulnerability
EPSS
Процентиль: 51%
0.00278
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-113