VYPR
High severityNVD Advisory· Published Nov 18, 2022· Updated Nov 4, 2025

CVE-2021-33621

CVE-2021-33621

Description

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
cgiRubyGems
>= 0.3.0, < 0.3.50.3.5
cgiRubyGems
>= 0.2.0, < 0.2.20.2.2
cgiRubyGems
< 0.1.0.20.1.0.2

Affected products

67

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.