CVE-2020-5247

Source
https://cve.org/CVERecord?id=CVE-2020-5247
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5247.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-5247
Aliases
Downstream
Related
Published
2020-02-28T17:15:12.220Z
Modified
2026-02-24T11:35:30.981483Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
[none]
Details

In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. CR and LF, written `\r` and `\n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.
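The fix described above amounts to a check that no header name or value contains a line ending before the header block is serialized. The following Ruby is an added example of that check, not Puma's own code; the names `HeaderInjectionError`, `header_field_safe?`, `validate_headers` and `serialize_headers` are assumptions made for this illustration.

```ruby
# Added example (not Puma's code): reject header names and values that contain
# CR or LF before they are written into an HTTP/1.x response, so untrusted
# input cannot terminate a header line and start a new one.

class HeaderInjectionError < StandardError; end

# CR (0x0D) and LF (0x0A) end a header line in HTTP/1.x; neither may appear
# inside a header name or value.
LINE_BREAK = /[\r\n]/

# True when a single header name or value contains no CR/LF.
def header_field_safe?(field)
  !LINE_BREAK.match?(field.to_s)
end

# Checks every header name and every value (a value may be a String or an
# Array of Strings). Raises HeaderInjectionError on the first field that
# contains a line break; returns the headers unchanged otherwise.
def validate_headers(headers)
  headers.each do |name, value|
    fields = [name, *Array(value)]
    bad = fields.find { |f| !header_field_safe?(f) }
    raise HeaderInjectionError, "CR/LF in header #{name.inspect}" if bad
  end
  headers
end

# Serializes validated headers into the CRLF-terminated block that precedes
# the response body. Because validate_headers runs first, a caller can only
# reach the join with fields that contain no line breaks.
def serialize_headers(headers)
  validate_headers(headers).flat_map { |name, value|
    Array(value).map { |v| "#{name}: #{v}\r\n" }
  }.join + "\r\n"
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample headers: the second set carries a value built from
  # untrusted input that contains a line ending and must be rejected.
  puts serialize_headers({ "Content-Type" => "text/plain", "X-Count" => ["1", "2"] })
  begin
    serialize_headers({ "Location" => "/home\r\nX-Injected: 1" })
  rescue HeaderInjectionError => e
    puts "rejected: #{e.message}"
  end
end
```

Rejecting LF as well as CR matters because many parsers treat a bare `\n` as a line terminator. Frameworks whose internal representation legitimately joins multiple values of one header with `\n` (as older Rack specifications did) must split on that separator first and then validate each resulting line, rather than exempting `\n` from the check.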

References

Affected packages

Git / github.com/puma/puma

Affected ranges

Type
GIT
Repo
https://github.com/puma/puma
Events

Affected versions

v4.*
v4.0.0
v4.0.1
v4.1.0
v4.2.0
v4.2.1
v4.3.0
v4.3.1
v4.3.2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5247.json"

Git / github.com/ruby/ruby

Affected ranges

Type
GIT
Repo
https://github.com/ruby/ruby
Events

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5247.json"

Git / gitlab.gnome.org/GNOME/libxml2

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/libxml2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
Last affected
Introduced
Last affected

Affected versions

Other
LIBXML2_2_4_21
LIBXML2_2_5_0
LIBXML2_2_5_10
LIBXML2_2_5_7
LIBXML2_2_5_8
LIBXML2_2_5_9
LIBXML2_2_5_x
LIBXML2_2_6_1
LIBXML2_2_6_2
LIBXML2_2_6_3
LIBXML2_2_6_4
LIBXML2_6_0
LIBXML_2_4_0
LIBXML_2_4_11
LIBXML_2_4_12
LIBXML_2_4_13
LIBXML_2_4_14
LIBXML_2_4_16
LIBXML_2_4_18
LIBXML_2_4_2
LIBXML_2_4_20
LIBXML_2_4_22
LIBXML_2_4_23
LIBXML_2_4_24
LIBXML_2_4_25
LIBXML_2_4_26
LIBXML_2_4_27
LIBXML_2_4_29
LIBXML_2_4_3
LIBXML_2_4_30
LIBXML_2_4_4
LIBXML_2_4_6
LIBXML_2_4_7
LIBXML_2_5_1
LIBXML_2_5_2
LIBXML_2_5_3
LIBXML_2_5_4
LIBXML_2_5_5
LIBXML_2_5_6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5247.json"