[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2RUBY3.0-2023-004 --- ruby

ID: oval:org.secpod.oval:def:1701704Date: (C)2023-10-26   (M)2024-01-29
Class: PATCHFamily: unix




The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object

Platform:
Amazon Linux 2
Product:
ruby
rubygem-bigdecimal
rubygem-bundler
rubygem-rexml
rubygem-io-console
rubygem-irb
rubygem-json
rubygem-minitest
rubygem-rss
rubygem-rbs
rubygem-power_assert
rubygem-psych
rubygem-rdoc
rubygem-test-unit
rubygem-typeprof
rubygems
rubygem-rake
Reference:
ALAS2RUBY3.0-2023-004
CVE-2021-33621
CVE    1
CVE-2021-33621
CPE    6
cpe:/a:rubygem:rubygem-json
cpe:/a:rubygems:rubygem-rake
cpe:/a:gembundler:rubygem-bundler
cpe:/a:ruby:ruby
...

© SecPod Technologies