Количество 9
Количество 9
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. ...
SUSE-SU-2024:3939-1
Security update for ruby2.1
GHSA-6f62-3596-g6w7
HTTP Request Smuggling in ruby webrick
SUSE-SU-2025:0736-1
Security update for ruby2.5
ROS-20250826-03
Множественные уязвимости rubygem-webrick
SUSE-SU-2025:1369-1
Security update for ruby2.5
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | 0% Низкий | 11 месяцев назад | |
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | 0% Низкий | 11 месяцев назад | |
| CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. ... | 0% Низкий | 11 месяцев назад | |
 | SUSE-SU-2024:3939-1 Security update for ruby2.1 | 0% Низкий | 10 месяцев назад | |
| GHSA-6f62-3596-g6w7 HTTP Request Smuggling in ruby webrick | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
| SUSE-SU-2025:0736-1 Security update for ruby2.5 | 6 месяцев назад | ||
 | ROS-20250826-03 Множественные уязвимости rubygem-webrick | CVSS3: 7.5 | 6 дней назад | |
| SUSE-SU-2025:1369-1 Security update for ruby2.5 | 4 месяца назад |
Уязвимостей на страницу