CVE-2021-41136 - log back

CVE-2021-41136 edited at 15 Jun 2022 18:47:43
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Description
+ Using puma with a proxy which forwards LF characters as line endings could allow HTTP request smuggling. Puma is only aware of a single proxy server which has this behavior.
References
+ https://github.com/puma/puma/commit/acdc3ae571dfae0e045cf09a295280127db65c7f
+ https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx
Notes
CVE-2021-41136 created at 15 Jun 2022 18:43:21