CVE-2021-33621
CVSS v3.1
8.8 (High)
EPSS
0.52 % (77th)
Affected Products
3
Advisories
32
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
Weaknesses
- CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2022-11-18 23:15:18
(22 months ago) - Updated Date
-
2024-01-24 05:15:10
(7 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...