Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
In RubyGem excon, interrupted Persistent Connections May Leak Response Data
Vulnerability Description
In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N
Vulnerability Type
在生命周期中对资源的控制不恰当
Vulnerability Title
RubyGem excon 竞争条件问题漏洞
Vulnerability Description
RubyGem excon是一款适用于Ruby应用程序的HTTP服务器。 RubyGem excon 0.71.0之前版本中存在竞争条件问题漏洞。攻击者可利用该漏洞泄露信息。
CVSS Information
N/A
Vulnerability Type
N/A