actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails prior to 3.2.22.1, 4.0.x and 4.1.x prior to 4.1.14.1, 4.2.x prior to 4.2.5.1, and 5.x prior to 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
rubyonrails rails 4.2.5 |
||
rubyonrails rails 4.2.4 |
||
rubyonrails rails 4.2.1 |
||
rubyonrails rails 4.2.0 |
||
rubyonrails rails 4.1.5 |
||
rubyonrails rails 4.1.6 |
||
rubyonrails rails 4.1.13 |
||
rubyonrails rails 4.1.12 |
||
rubyonrails rails 4.1.0 |
||
rubyonrails rails 4.0.1 |
||
rubyonrails rails 4.0.0 |
||
rubyonrails rails 4.0.5 |
||
rubyonrails rails 4.0.10 |
||
rubyonrails ruby on rails 4.0.11.1 |
||
rubyonrails rails 4.1.8 |
||
rubyonrails rails 4.1.7 |
||
rubyonrails rails 4.1.10 |
||
rubyonrails rails 4.1.9 |
||
rubyonrails rails 4.0.4 |
||
rubyonrails rails 4.0.3 |
||
rubyonrails rails 4.0.6 |
||
rubyonrails ruby on rails 4.0.13 |
||
rubyonrails rails 5.0.0 |
||
rubyonrails rails 4.2.2 |
||
rubyonrails rails 4.1.2 |
||
rubyonrails rails 4.1.1 |
||
rubyonrails rails 4.0.7 |
||
rubyonrails ruby on rails 4.0.12 |
||
rubyonrails ruby on rails |
||
rubyonrails rails 4.2.3 |
||
rubyonrails rails 4.1.4 |
||
rubyonrails rails 4.1.3 |
||
rubyonrails ruby on rails 4.1.11 |
||
rubyonrails ruby on rails 4.0.10 |
||
rubyonrails rails 4.0.9 |
||
rubyonrails rails 4.0.8 |
||
rubyonrails ruby on rails 4.0.11 |
||
rubyonrails rails 4.0.2 |
Vulmon