ADVISORIES
GEM
SEVERITY
CVSS v3.x: 4.3 (Medium)
PATCHED VERSIONS
- >= 0.11.0
DESCRIPTION
Impact
HTTP Response Header Injection in Pitchfork Versions < 0.11.0 when used in conjunction with Rack 3
Patches
The issue was fixed in Pitchfork release 0.11.0
Workarounds
There are no known work arounds. Users must upgrade.