- Vulnerability/
- USN-6399-1
USN-6399-1: Puma vulnerability
First published: Wed Sep 27 2023(Updated: )
It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP request Smuggling attack.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/puma | <5.6.5-3ubuntu1.1 | 5.6.5-3ubuntu1.1 |
| =23.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Puma vulnerability?
The vulnerability ID for this Puma vulnerability is CVE-2023-40175.
How does the Puma vulnerability impact systems?
The Puma vulnerability can allow a remote attacker to perform an HTTP request smuggling attack.
What software is affected by this Puma vulnerability?
The Ubuntu 23.04 operating system with Puma version 5.6.5-3ubuntu1.1 is affected by this vulnerability.
How can I fix the Puma vulnerability?
To fix the Puma vulnerability, update the Puma package to version 5.6.5-3ubuntu1.1.
Where can I find more information about this Puma vulnerability?
More information about this Puma vulnerability can be found on the Ubuntu security notices website.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/title
- agent/description
- agent/event
- collector/usn
- source/Ubuntu
- anchor-related/USN-6682-1
- agent/software-canonical-lookup
- agent/references
- agent/tags
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.04