exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

BDU:2024-00328

больше 1 года назад

Уязвимость HTTP-сервера для Ruby/Rack приложений Puma, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

ROS-20241001-03

9 месяцев назад

Множественные уязвимости rubygem-puma

CVSS3: 9.8

EPSS: Низкий

CVE-2024-21647

больше 1 года назад

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-21647

больше 1 года назад

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-21647

больше 1 года назад

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-21647

больше 1 года назад

Puma is a web server for Ruby/Rack applications built for parallelism. ...

CVSS3: 5.9

EPSS: Низкий

GHSA-c2f4-cvqm-65w2

больше 1 года назад

Puma HTTP Request/Response Smuggling vulnerability

CVSS3: 5.9

EPSS: Низкий

SUSE-SU-2024:3644-1

8 месяцев назад

Security update for rubygem-puma

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2024-00328 Уязвимость HTTP-сервера для Ruby/Rack приложений Puma, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	2% Низкий	больше 1 года назад
ROS-20241001-03 Множественные уязвимости rubygem-puma	CVSS3: 9.8		9 месяцев назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 5.9	2% Низкий	больше 1 года назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 7.5	2% Низкий	больше 1 года назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.	CVSS3: 5.9	2% Низкий	больше 1 года назад
CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. ...	CVSS3: 5.9	2% Низкий	больше 1 года назад
GHSA-c2f4-cvqm-65w2 Puma HTTP Request/Response Smuggling vulnerability	CVSS3: 5.9	2% Низкий	больше 1 года назад
SUSE-SU-2024:3644-1 Security update for rubygem-puma			8 месяцев назад

Уязвимостей на страницу