CVE-2020-5247

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-5247

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5247.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-5247

Aliases

Related

Published

2020-02-28T17:15:12Z

Modified

2024-09-11T04:43:07.067409Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. CR, LF or/r, /n) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.

References

Affected packages

Debian:11 / puma

Package

Name: puma
Purl: pkg:deb/debian/puma?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / puma

Package

Name: puma
Purl: pkg:deb/debian/puma?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / puma

Package

Name: puma
Purl: pkg:deb/debian/puma?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/puma/puma

Affected ranges

Type: GIT
Repo: https://github.com/puma/puma
Events: Introduced

f5d7600e4e4d9104803b5f0f5f596f8dc45fc191

Last affected

040a5bf8842fbaebf6656e6556328d6c45be5b10

Last affected

9338e504995228bcdda62f3b506c50e59ca06b56

Type: GIT
Repo: https://github.com/ruby/ruby
Events: Introduced

4e0a512972cdcbfcd5279f1a2a81ba342ed75b6e

Last affected

189a36cfabfc30e785cece0692c802be87ebd9cf

Introduced

c1af7b1e1d408f9796a5f46c9ed36bc5adea4aa2

Last affected

6315e42c222d5484004494950c7524a85acadb20

Last affected

c55db6aa271df4a689dc8eb0039c929bf6ed43ff

Introduced

d4bb726b713658f56e630b6cf817a0155b6f390e

Last affected

c91478058505cd8cae5160c1056bcde65af5a78b

Last affected

d40ea2afa6ff5a6e5befcf342fb7b6dc58796b20

Affected versions

v4.*

v4.0.0

v4.0.1

v4.1.0

v4.2.0

v4.2.1

v4.3.0

v4.3.1

v4.3.2