Puma is a HTTP 1.1 server for Ruby/Rack applications. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.
Request Smuggling
Apache
Information Disclosure
Puma
Debian Linux
NVD
GitHub
CVSS 3.1
3.7
EPSS
1.1%