Approved changes feed: RSS · Atom
cpe:2.3:a:shopify:pitchfork:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Shopify (b22c83ee-33c3-5cbf-82e4-8727c9195011) |
|---|---|
| Product | Pitchfork (c2e8a523-b00d-5731-b0e8-18faa99d6ca0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-30221 |
vulnerable | 2026-06-03 15:00:27.576052 |
Pitchfork HTTP Request/Response Splitting vulnerability
MEDIUM (4.3)
Pitchfork is a preforking HTTP server for Rack applications. Versions prior to 0.11.0 are vulnerable to HTTP Response Header Injection when used in conjunction with Rack 3. The issue was fixed in Pitchfork release 0.11.0. No known workarounds are available.
Published: 2025-03-27T14:46:32.430Z
Updated: 2025-03-27T15:05:37.756Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.