Max CVSS 5.0 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-5247 5.0
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as
12-10-2022 - 13:35 28-02-2020 - 17:15
CVE-2020-5249 4.0
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an
09-04-2020 - 17:15 02-03-2020 - 16:15
Back to Top Mark selected
Back to Top