Source: puma
Version: 3.12.0-4
Severity: important
Tags: security upstream
Control: found -1 3.12.0-2

Hi,

The following vulnerability was published for puma; it is fixed upstream
in 4.3.3 and 3.12.4.

CVE-2020-5249[0]:
| In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using
| Puma allows untrusted input in an early-hints header, an attacker can
| use a carriage return character to end the header and inject malicious
| content, such as additional headers or an entirely new response body.
| This vulnerability is known as HTTP Response Splitting. While not an
| attack in itself, response splitting is a vector for several other
| attacks, such as cross-site scripting (XSS). This is related to
| CVE-2020-5247, which fixed this vulnerability but only for regular
| responses. This has been fixed in 4.3.3 and 3.12.4.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-5249
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5249
[1] https://github.com/puma/puma/security/advisories/GHSA-33vf-4xgg-9r58

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
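Added illustration of the response splitting described in the CVE text above. This is example code written for this page; it is not part of the bug report and not puma's own source. It assumes a toy serializer for a "103 Early Hints" response (the hypothetical early_hints_unsafe below models the pre-fix behaviour of interpolating header values unchecked) and a hardened counterpart (early_hints_safe) that rejects any CR or LF in a header name or value, which is the check a server must apply before writing the hints to the socket. The attacker-controlled Link value is constructed for the demonstration.

```ruby
# Models HTTP response splitting through an Early Hints (103) header
# (CVE-2020-5249). Illustrative only; not puma's implementation.

CRLF = "\r\n"

class HeaderInjection < StandardError; end

# Naive serializer: interpolates names and values straight into the
# wire format. With a CR (or CRLF) in a value, the attacker terminates
# the header line early and everything after it is parsed as new
# headers or, after a blank line, as a response body.
def early_hints_unsafe(headers)
  lines = headers.map { |name, value| "#{name}: #{value}" }
  "HTTP/1.1 103 Early Hints#{CRLF}#{lines.join(CRLF)}#{CRLF}#{CRLF}"
end

# Hardened serializer: refuse any header whose name or value contains
# CR or LF. Checking for a lone "\r" matters too, since some parsers
# treat a bare CR as a line terminator.
def early_hints_safe(headers)
  headers.each do |name, value|
    if name.to_s.match?(/[\r\n]/) || value.to_s.match?(/[\r\n]/)
      raise HeaderInjection, "CR/LF in early hints header #{name.inspect}"
    end
  end
  early_hints_unsafe(headers)
end

# Parse a serialized 103 response the way a simple client would, to show
# what the injected bytes turn into: [status_line, header_lines, body].
def split_response(raw)
  head, _, body = raw.partition(CRLF + CRLF)
  status, *header_lines = head.split(CRLF)
  [status, header_lines, body]
end

# Constructed attacker input: a valid-looking Link value followed by an
# injected Set-Cookie header, then a blank line and a fake body.
ATTACKER_LINK = "</style.css>; rel=preload\r\nSet-Cookie: session=evil\r\n\r\n<html>phish</html>"

if __FILE__ == $0
  status, hdrs, body = split_response(early_hints_unsafe("Link" => ATTACKER_LINK))
  puts "unsafe: #{status}"
  hdrs.each { |h| puts "  header: #{h}" }
  puts "  body:   #{body.inspect}"
  begin
    early_hints_safe("Link" => ATTACKER_LINK)
  rescue HeaderInjection => e
    puts "safe:   rejected (#{e.message})"
  end
end
```

The unsafe path turns a single application-supplied Link header into two headers plus an attacker-chosen body; the safe path raises before anything is written. Note that rejecting CR/LF at serialization time is a server-side backstop, and the application should still validate what it places into early-hints headers.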