CVE-2020-11077: HTTP Request Smuggling in Puma

Severity: 7.5 HIGH (NVD)
EPSS: 0.8% (top 25.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 22; latest update Mar 7

Description

In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connec

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (6 packages)

Source     | Package    | Affected range                 | More ranges
CVEListV5  | puma/puma  | < 3.12.6                       | +1
NVD        | puma/puma  | 3.0.0 to 3.12.6                | +1
RubyGems   | puma/puma  | 4.0.0 to 4.3.5                 | +1
Debian     | puma/puma  | < 4.3.6-1                      | +3
Ubuntu     | puma/puma  | < 3.12.4-1ubuntu2+esm1         | +1

Also affects: Debian Linux 9.0, Fedora 33

🔴 Vulnerability Details (5)

OSV: puma vulnerabilities (2024-03-07)
OSV: CVE-2020-11077: In Puma (RubyGem) before 4 (2020-05-22)
CVEList: HTTP Smuggling via Transfer-Encoding Header in Puma (2020-05-22)
GHSA: HTTP Smuggling via Transfer-Encoding Header in Puma (2020-05-22)
OSV: HTTP Smuggling via Transfer-Encoding Header in Puma (2020-05-22)

📋 Vendor Advisories (3)

Ubuntu: Puma vulnerabilities (2024-03-07)
Red Hat: rubygem-puma: HTTP Smuggling through a proxy via Transfer-Encoding Header (2020-05-21)
Debian: CVE-2020-11077: puma - In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request thro... (2020)

💬 Community (2)

Bugzilla: CVE-2020-11077 rubygem-puma: HTTP Smuggling through a proxy via Transfer-Encoding Header (2020-06-01)
Bugzilla: CVE-2020-11077 rubygem-puma: HTTP Smuggling through a proxy via Transfer-Encoding Header [fedora-all] (2020-06-01)
CVE-2020-11077 — HTTP Request Smuggling in Puma | cvebase