0.02 Low
EPSS
Percentile
88.8%
puma is vulnerable to denial of service (DoS). The vulnerability exists as it was possible to monopolize a thread if the client does not reset and keeps requesting. This CVE exists due to an incomplete fix for CVE-2019-16770.
gist.github.com/nateberkopec/4b3ea5676c0d70cbb37c82d54be25837
github.com/puma/puma/security/advisories/GHSA-q28m-8xjw-8vr5
github.com/puma/puma/security/policy
rubygems.org/gems/puma