CVE-2022-24790

Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The vulnerability has been fixed in 5.6.4 and 4.3.12. Users are advised to upgrade as soon as possible. Workaround: when deploying a proxy in front of Puma, turning on any and all functionality to make sure that the request matches the RFC7230 standard.

Database specific

{
    "cwe_ids": [
        "CWE-444"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24790.json"
}

References

Affected packages

Git / github.com/puma/puma

Affected ranges

Type: GIT
Repo: https://github.com/puma/puma
Events: Introduced

13e18e8078c800adfc52af687acc1d8de5f3988d

Fixed

7add06a280c305eeb32a98c4fca4b34521cbf12f

Fixed

831d8a8be0da8d2dea7b47d683cfea66a0b0b47f

Affected versions

v5.*

v5.0.0

v5.0.1

v5.0.2

v5.0.3

v5.1.0

v5.2.0

v5.2.1

v5.2.2

v5.3.0

v5.3.1

v5.3.2

v5.4.0

v5.5.0

v5.5.1

v5.5.2

v5.6.0

v5.6.1

v5.6.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24790.json"

Git / github.com/wordpress/wordpress-develop

Affected ranges

Type: GIT
Repo: https://github.com/wordpress/wordpress-develop
Events: Introduced

b3bf6266acd61682bc654845f621b4426645e324

Fixed

4589b3cb6353f3fcab674ca92d97a23b5cd7f44e

Fixed

cd63ea66926c8be7fd71850e57b3a321e97dd029

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24790.json"