exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 10

CVE-2024-21647

около 2 лет назад

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-21647

около 2 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-21647

около 2 лет назад

CVSS3: 5.9

EPSS: Низкий

CVE-2024-21647

около 2 лет назад

Puma is a web server for Ruby/Rack applications built for parallelism. ...

CVSS3: 5.9

EPSS: Низкий

GHSA-c2f4-cvqm-65w2

около 2 лет назад

Puma HTTP Request/Response Smuggling vulnerability

CVSS3: 5.9

EPSS: Низкий

BDU:2024-00328

около 2 лет назад

Уязвимость HTTP-сервера для Ruby/Rack приложений Puma, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

SUSE-SU-2024:3644-1

больше 1 года назад

Security update for rubygem-puma

EPSS: Низкий

SUSE-SU-2025:03467-1

4 месяца назад

Security update for rubygem-puma

EPSS: Низкий

SUSE-SU-2025:03466-1

4 месяца назад

Security update for rubygem-puma

EPSS: Низкий

ROS-20241001-03

больше 1 года назад

Множественные уязвимости rubygem-puma

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 5.9	3% Низкий	около 2 лет назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 7.5	3% Низкий	около 2 лет назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 5.9	3% Низкий	около 2 лет назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. ...	CVSS3: 5.9	3% Низкий	около 2 лет назад
GHSA-c2f4-cvqm-65w2 Puma HTTP Request/Response Smuggling vulnerability	CVSS3: 5.9	3% Низкий	около 2 лет назад
BDU:2024-00328 Уязвимость HTTP-сервера для Ruby/Rack приложений Puma, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	3% Низкий	около 2 лет назад
SUSE-SU-2024:3644-1 Security update for rubygem-puma			больше 1 года назад
SUSE-SU-2025:03467-1 Security update for rubygem-puma			4 месяца назад
SUSE-SU-2025:03466-1 Security update for rubygem-puma			4 месяца назад
ROS-20241001-03 Множественные уязвимости rubygem-puma	CVSS3: 9.8		больше 1 года назад

Уязвимостей на страницу