puma vulnerabilities

licenses detected

BSD-3-Clause
>=2.9.0-java
BSD-2-Clause
>=2.8.0-java, <2.9.0-java
MIT
>=0.8.0, <2.8.0-java

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the puma package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H HTTP Request Smuggling	<5.6.9>=6.0.0, <6.4.3
M HTTP Request Smuggling	<5.6.8>=6.0.0, <6.4.2
H HTTP Request Smuggling	<5.6.7>=6.0.0, <6.3.1
C HTTP Request Smuggling	<4.3.12>=5.0.0, <5.6.4
H Information Exposure	<4.3.11>=5.0.0, <5.6.2
L HTTP Request Smuggling	<4.3.9>=5.0.0, <5.5.1
H Denial of Service (DoS)	>=5.0.0.beta1, <5.3.1<4.3.8
M HTTP Request Smuggling	<3.12.5>=4.0.0, <4.3.4
M HTTP Request Smuggling	<3.12.6>=4.0.0, <4.3.5
M HTTP Response Splitting	<3.12.4>=4.0.0, <4.3.3
M HTTP Response Splitting	>=4.0.0, <4.3.2<3.12.3
H Denial of Service (DoS)	<3.12.2>=4.0.0, <4.3.1
M Man-in-the-Middle (Mitm)	<2.9.2