14 Total advisories
14 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 7.5
CVE-2026-47737
Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections
HIGH 7.5
CVE-2026-47736
Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion
LOW 3.7
CVE-2021-41136
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling
MEDIUM 6.5
CVE-2020-5247
HTTP Response Splitting in Puma
HIGH 7.5
CVE-2020-11076
HTTP Smuggling via Transfer-Encoding Header in Puma
MEDIUM 6.8
CVE-2020-11077
HTTP Smuggling via Transfer-Encoding Header in Puma
MEDIUM 5.3
CVE-2019-16770
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack
HIGH 7.5
CVE-2021-29509
Puma's Keepalive Connections Causing Denial Of Service
HIGH 8.0
CVE-2022-23634
Puma used with Rails may lead to Information Exposure
MEDIUM 5.9
CVE-2024-21647
Puma HTTP Request/Response Smuggling vulnerability
MEDIUM 6.5
CVE-2020-5249
HTTP Response Splitting (Early Hints) in Puma
MEDIUM 5.4
CVE-2024-45614
Puma's header normalization allows for client to clobber proxy set headers
CRITICAL 9.8
CVE-2023-40175
Puma HTTP Request/Response Smuggling vulnerability
CRITICAL 9.1
CVE-2022-24790
Puma vulnerable to HTTP Request Smuggling
Ready to move
Start Securing
Free, no credit card | First findings in minutes