VYPR

RubyGems package

goliath

pkg:gem/goliath

Vulnerabilities (1)

  • CVE-2020-7671Jun 10, 2020
    affected <= 1.0.6

    goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding header