The cgi gem prior to 0.1.0.2, 0.2.x prior to 0.2.2, and 0.3.x prior to 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ruby-lang cgi |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |
||
ruby-lang ruby |