ghsa-68xg-gqqm-vgj8
Vulnerability from github
Published
2023-08-18 21:50
Modified
2023-08-24 22:34
Severity ?
Summary
Puma HTTP Request/Response Smuggling vulnerability
Details
Impact
Prior to version 6.3.1, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling.
The following vulnerabilities are addressed by this advisory:
- Incorrect parsing of trailing fields in chunked transfer encoding bodies
- Parsing of blank/zero-length Content-Length headers
Patches
The vulnerability has been fixed in 6.3.1 and 5.6.7.
Workarounds
No known workarounds.
References
For more information
If you have any questions or comments about this advisory:
Open an issue in Puma See our security policy
{ "affected": [ { "package": { "ecosystem": "RubyGems", "name": "puma" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "5.6.7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "puma" }, "ranges": [ { "events": [ { "introduced": "6.0.0" }, { "fixed": "6.3.1" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2023-40175" ], "database_specific": { "cwe_ids": [ "CWE-444" ], "github_reviewed": true, "github_reviewed_at": "2023-08-18T21:50:05Z", "nvd_published_at": "2023-08-18T22:15:11Z", "severity": "CRITICAL" }, "details": "### Impact\nPrior to version 6.3.1, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling.\n\nThe following vulnerabilities are addressed by this advisory:\n\n* Incorrect parsing of trailing fields in chunked transfer encoding bodies\n* Parsing of blank/zero-length Content-Length headers\n\n### Patches\nThe vulnerability has been fixed in 6.3.1 and 5.6.7.\n\n### Workarounds\nNo known workarounds.\n\n### References\n[HTTP Request Smuggling](https://portswigger.net/web-security/request-smuggling)\n\n### For more information\nIf you have any questions or comments about this advisory:\n\nOpen an issue in [Puma](https://github.com/puma/puma)\nSee our [security policy](https://github.com/puma/puma/security/policy)\n", "id": "GHSA-68xg-gqqm-vgj8", "modified": "2023-08-24T22:34:11Z", "published": "2023-08-18T21:50:05Z", "references": [ { "type": "WEB", "url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175" }, { "type": "WEB", "url": "https://github.com/puma/puma/commit/690155e7d644b80eeef0a6094f9826ee41f1080a" }, { "type": "WEB", "url": "https://github.com/puma/puma/commit/7405a219801dcebc0ad6e0aa108d4319ca23f662" }, { "type": "WEB", "url": "https://github.com/puma/puma/commit/ed0f2f94b56982c687452504b95d5f1fbbe3eed1" }, { "type": "PACKAGE", "url": "https://github.com/puma/puma" }, { "type": "WEB", "url": "https://github.com/puma/puma/releases/tag/v5.6.7" }, { "type": "WEB", "url": "https://github.com/puma/puma/releases/tag/v6.3.1" }, { "type": "WEB", "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puma/CVE-2023-40175.yml" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Puma HTTP Request/Response Smuggling vulnerability" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.