0.007 Low
EPSS
Percentile
79.7%
ruby is vulnerable to HTTP response splitting. An attacker is able to inject arbitrary data into an HTTP response of the WEBrick server, allowing cross-site scripting attacks, web cache poisoning or similar exploits.
access.redhat.com/errata/RHSA-2018:3730
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1650590