PT-2020-18343 · Ruby · Puma
Published 2020-02-28 · Updated 2025-09-29
CVE-2020-5249
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Puma (RubyGem) versions prior to 4.3.3
Puma (RubyGem) versions prior to 3.12.4
Description
If an application running on Puma places untrusted input in an Early Hints (HTTP 103) header, an attacker can use a carriage return character to terminate the header line and inject malicious content, such as additional headers or an entirely new response body. This is known as HTTP Response Splitting, which is a vector for several other attacks, such as cross-site scripting (XSS).
Recommendations
For versions prior to 4.3.3, update to version 4.3.3 or later.
For versions prior to 3.12.4, update to version 3.12.4 or later.
As a temporary workaround, consider restricting untrusted input in the Early Hints response header to minimize the risk of exploitation.
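The workaround above expressed in code, as an added example that is not Puma's own patch: a small Ruby guard that rejects any early-hints header whose name or value contains CR or LF before handing it to Rack's `rack.early_hints` hook, plus a serializer that makes the line structure the check protects visible. The module and method names are assumptions; the sample header values are constructed.

```ruby
# Added example, not code from Puma: validate early-hints headers before they
# reach the server, so a CR/LF in untrusted input cannot end the header line.
# EarlyHintsGuard and its methods are assumed names for this illustration.
module EarlyHintsGuard
  class HeaderInjection < StandardError; end

  # A CR or LF inside a header name or value terminates the line on the wire,
  # letting whatever follows be parsed as a new header or a new response.
  CRLF_PATTERN = /[\r\n]/.freeze

  # Returns the headers unchanged when every name and value is CR/LF-free,
  # otherwise raises. Rejecting rather than stripping keeps the bad input
  # visible (and loggable) instead of silently changing its meaning.
  def self.validate(headers)
    headers.each do |name, value|
      if name.to_s.match?(CRLF_PATTERN)
        raise HeaderInjection, "CR/LF in header name #{name.inspect}"
      end
      if value.to_s.match?(CRLF_PATTERN)
        raise HeaderInjection, "CR/LF in value of header #{name}"
      end
    end
    headers
  end

  # Serialises a 103 Early Hints response the way a server writes it to the
  # socket, after validation, so the line-oriented framing is explicit.
  def self.serialize(headers)
    out = +"HTTP/1.1 103 Early Hints\r\n"
    validate(headers).each { |name, value| out << "#{name}: #{value}\r\n" }
    out << "\r\n"
  end

  # Sends hints through the Rack hook (present only on servers that support
  # early hints) after validation. Returns true if hints were sent, false if
  # the server offers no hook; raises if a header fails validation.
  def self.send_hints(env, headers)
    hook = env["rack.early_hints"]
    return false unless hook
    hook.call(validate(headers))
    true
  end
end
```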
Special Elements Injection
Affected Products
Puma
Suse