CVE-2020-5249 — Cross-site Scripting in Puma
Severity
6.5MEDIUMNVD
GHSA7.5OSV7.5
EPSS
0.5%
top 34.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 2
Latest updateSep 30
Description
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which f…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages4 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
2📄Research Papers
1💬Community
2Bugzilla▶
CVE-2020-5249 rubygem-puma: attacker is able to use carriage return character to insert malicious content (HTTP Response Splitting), this could lead to XSS [fedora-all]↗2020-03-23
Bugzilla▶
CVE-2020-5249 rubygem-puma: attacker is able to use carriage return character to insert malicious content (HTTP Response Splitting), this could lead to XSS↗2020-03-23