Количество 10
Количество 10
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
CVE-2024-47220
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. ...
SUSE-SU-2024:3939-1
Security update for ruby2.1
GHSA-6f62-3596-g6w7
HTTP Request Smuggling in ruby webrick
BDU:2025-10615
Уязвимость набора инструментов HTTP-сервера WEBrick, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю выполнить атаку «контрабанда HTTP-запросов»
SUSE-SU-2025:0736-1
Security update for ruby2.5
ROS-20250826-03
Множественные уязвимости rubygem-webrick
SUSE-SU-2025:1369-1
Security update for ruby2.5
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | 0% Низкий | около 1 года назад | |
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." | 0% Низкий | около 1 года назад | |
| CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. ... | 0% Низкий | около 1 года назад | |
 | SUSE-SU-2024:3939-1 Security update for ruby2.1 | 0% Низкий | 12 месяцев назад | |
| GHSA-6f62-3596-g6w7 HTTP Request Smuggling in ruby webrick | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | BDU:2025-10615 Уязвимость набора инструментов HTTP-сервера WEBrick, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю выполнить атаку «контрабанда HTTP-запросов» | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| SUSE-SU-2025:0736-1 Security update for ruby2.5 | 8 месяцев назад | ||
 | ROS-20250826-03 Множественные уязвимости rubygem-webrick | CVSS3: 7.5 | 2 месяца назад | |
| SUSE-SU-2025:1369-1 Security update for ruby2.5 | 6 месяцев назад |
Уязвимостей на страницу