cve/CVE-2016-0751.md at 080c77ded0654f051cb1bc3976c3cd169cb797da

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio e6ecd99f3d Update CVE sources 2024-06-07 17:53

2024-06-07 17:53:02 +00:00

Description

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/bibin-paul-trustme/ruby_repo
https://github.com/jasnow/585-652-ruby-advisory-db
https://github.com/rubysec/ruby-advisory-db
https://github.com/vulsio/go-cve-dictionary
https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-

1.0 KiB Raw Blame History

CVE-2016-0751

Description

POC

Reference

Github

1.0 KiB

Raw Blame History