{"id":"UBUNTU-CVE-2020-11076","details":"In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.","modified":"2026-02-04T03:48:39.400886Z","published":"2020-05-22T15:15:00Z","related":["USN-6682-1"],"upstream":["CVE-2020-11076"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-11076"},{"type":"REPORT","url":"https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h"},{"type":"REPORT","url":"https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd"},{"type":"REPORT","url":"https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6682-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2020-11076"}],"affected":[{"package":{"name":"puma","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/puma@3.12.4-1ubuntu2+esm1?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.4-1ubuntu2+esm1"}]}],"versions":["3.12.0-2ubuntu1","3.12.0-4ubuntu1","3.12.4-1ubuntu2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"puma","binary_version":"3.12.4-1ubuntu2+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-11076.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}