CVSS v3.x: 6.5 (Medium)
- ~> 5.6.7
- >= 6.3.1
Prior to version 6.3.1, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling.
The following vulnerabilities are addressed by this advisory:
- Incorrect parsing of trailing fields in chunked transfer encoding bodies
- Parsing of blank/zero-length Content-Length headers
The vulnerability has been fixed in 6.3.1 and 5.6.7.
No known workarounds.