CVE-2022-24790 log

Severity Unknown
Remote Yes
Type Unknown
Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma.
Group Package Affected Fixed Severity Status Ticket
AVG-2764 ruby-puma 5.6.3-1 5.6.4-1 High Unknown