CVE-2017-17742 | Ruby up to 2.2.9/2.3.6/2.4.3/2.5.0 HTTP Server HTTP Response Split response splitting (USN-3685-1 / Nessus ID 110551)
A vulnerability labeled as critical has been found in Ruby up to 2.2.9/2.3.6/2.4.3/2.5.0. This issue affects some unknown processing of the component HTTP Server. Executing a manipulation as part of HTTP Response can lead to http response splitting (Split).
This vulnerability is handled as CVE-2017-17742. The attack can be executed remotely. There is not any exploit available.
The affected component should be upgraded.