Risk Scores
CVSS v3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.46%
63.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| RubyGems | gitlab-puma | 6.0.0, 0, 6.0.0 |
| puma | puma | < 5.6.7, >= 6.0.0, < 6.3.1, < 5.6.7 |
| puma | puma | 0, 6.0.0, 0 |
| RubyGems | puma | 0, 6.0.0, 0 |
Timeline
- Aug 18, 2023 CVE Published
- Aug 19, 2023 EPSS Score
- Sep 21, 2023 EPSS Score
- Oct 23, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
- Dec 28, 2023 EPSS Score
- Mar 2, 2024 EPSS Score
- Apr 4, 2024 EPSS Score
- May 7, 2024 EPSS Score
- Jun 8, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
References
- https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8 url
- https://github.com/puma/puma/commit/690155e7d644b80eeef0a6094f9826ee41f1080a url
- https://nvd.nist.gov/vuln/detail/CVE-2023-40175 advisory
- https://github.com/puma/puma/commit/ed0f2f94b56982c687452504b95d5f1fbbe3eed1 patch
- https://github.com/puma/puma/releases/tag/v5.6.7 url
- https://github.com/puma/puma/releases/tag/v6.3.1 url
- https://github.com/advisories/GHSA-68xg-gqqm-vgj8 advisory