{"vulnerability": "CVE-2024-45614", "sightings": [{"uuid": "2d8fd9e1-5d9b-4420-b4c3-69b666e2e5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45614", "type": "seen", "source": "https://t.me/cvedetector/6087", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45614 - Puma Rack Web Server Proxied Header Tampering\", \n  \"Content\": \"CVE ID : CVE-2024-45614 \nPublished : Sept. 19, 2024, 11:15 p.m. | 41\u00a0minutes ago \nDescription : Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies (such as X-Forwarded-For) by providing a underscore version of the same header (X-Forwarded_For). Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now discards any headers using underscores if the non-underscore version also exists. Effectively, allowing the proxy defined headers to always win. Users are advised to upgrade. Nginx has a underscores_in_headers configuration variable to discard these headers at the proxy level as a mitigation. Any users that are implicitly trusting the proxy defined headers for security should immediately cease doing so until upgraded to the fixed versions. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T02:11:47.000000Z"}, {"uuid": "3715bfbd-6e33-49d8-b909-1d3230b2b853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45614", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8635", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPuma Header normalization CVE-2024-45614 \u78ba\u8a8d\nURL\uff1ahttps://github.com/ooooooo-q/puma_header_normalization-CVE-2024-45614\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-29T06:08:42.000000Z"}]}