Description

actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching.

Remediation

References

CVE-2013-6414

Related Vulnerabilities

WordPress Plugin WP Subtitle Unspecified Vulnerability (2.5)

WordPress Plugin Social Media Widget by Acurax Cross-Site Request Forgery (3.2.5)

WordPress Plugin Influencer Marketing & Press Release System Cross-Site Scripting (2.2)

PHP hangs on parsing particular strings as floating point number

MySQL CVE-2021-2193 Vulnerability (CVE-2021-2193)

Severity

Medium

Classification

CVE-2013-6414 CWE-20

Tags

Missing Update Known Vulnerabilities