[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2RUBY2.6-2023-003 --- ruby

ID: oval:org.secpod.oval:def:1701666Date: (C)2023-10-26   (M)2024-01-29
Class: PATCHFamily: unix




The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object

Platform:
Amazon Linux 2
Product:
ruby
rubygem-bigdecimal
rubygem-bundler
rubygem-did_you_mean
rubygem-io-console
rubygem-irb
rubygem-json
rubygem-minitest
rubygem-net-telnet
rubygem-openssl
rubygem-power_assert
rubygem-psych
rubygem-rdoc
rubygem-test-unit
rubygem-xmlrpc
rubygems
rubygem-rake
Reference:
ALAS2RUBY2.6-2023-003
CVE-2021-33621
CVE    1
CVE-2021-33621
CPE    6
cpe:/a:rubygem:rubygem-json
cpe:/a:rubygems:rubygem-rake
cpe:/a:gembundler:rubygem-bundler
cpe:/a:ruby:ruby
...

© SecPod Technologies