NA

CVE-2014-0082

Published: 20/02/2014 Updated: 08/08/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x prior to 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote malicious users to cause a denial of service (memory consumption) by including these strings in headers.

Vendor Advisories

actionpack/lib/action_view/template/textrb in Action View in Ruby on Rails 3x before 3217 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers ...