7.5
CVE-2016-0751
- EPSS 6.15%
- Published 16.02.2016 02:59:05
- Last modified 12.04.2025 10:46:40
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Data is provided by the National Vulnerability Database (NVD)
Rubyonrails ≫ Rails Version4.0.0 Update-
Rubyonrails ≫ Rails Version4.0.0 Updatebeta
Rubyonrails ≫ Rails Version4.0.0 Updaterc1
Rubyonrails ≫ Rails Version4.0.0 Updaterc2
Rubyonrails ≫ Rails Version4.0.1 Update-
Rubyonrails ≫ Rails Version4.0.1 Updaterc1
Rubyonrails ≫ Rails Version4.0.1 Updaterc2
Rubyonrails ≫ Rails Version4.0.1 Updaterc3
Rubyonrails ≫ Rails Version4.0.1 Updaterc4
Rubyonrails ≫ Rails Version4.0.2
Rubyonrails ≫ Rails Version4.0.3
Rubyonrails ≫ Rails Version4.0.4
Rubyonrails ≫ Rails Version4.0.5
Rubyonrails ≫ Rails Version4.0.6
Rubyonrails ≫ Rails Version4.0.6 Updaterc1
Rubyonrails ≫ Rails Version4.0.6 Updaterc2
Rubyonrails ≫ Rails Version4.0.6 Updaterc3
Rubyonrails ≫ Rails Version4.0.7
Rubyonrails ≫ Rails Version4.0.8
Rubyonrails ≫ Rails Version4.0.9
Rubyonrails ≫ Rails Version4.0.10
Rubyonrails ≫ Rails Version4.0.10 Updaterc1
Rubyonrails ≫ Rails Version4.1.0 Update-
Rubyonrails ≫ Rails Version4.1.0 Updatebeta1
Rubyonrails ≫ Rails Version4.1.1
Rubyonrails ≫ Rails Version4.1.2
Rubyonrails ≫ Rails Version4.1.2 Updaterc1
Rubyonrails ≫ Rails Version4.1.2 Updaterc2
Rubyonrails ≫ Rails Version4.1.2 Updaterc3
Rubyonrails ≫ Rails Version4.1.3
Rubyonrails ≫ Rails Version4.1.4
Rubyonrails ≫ Rails Version4.1.5
Rubyonrails ≫ Rails Version4.1.6 Updaterc1
Rubyonrails ≫ Rails Version4.1.7
Rubyonrails ≫ Rails Version4.1.8
Rubyonrails ≫ Rails Version4.1.9
Rubyonrails ≫ Rails Version4.1.10
Rubyonrails ≫ Rails Version4.1.12
Rubyonrails ≫ Rails Version4.1.13
Rubyonrails ≫ Rails Version4.2.0 Updatebeta1
Rubyonrails ≫ Rails Version4.2.0 Updatebeta2
Rubyonrails ≫ Rails Version4.2.0 Updatebeta3
Rubyonrails ≫ Rails Version4.2.0 Updatebeta4
Rubyonrails ≫ Rails Version4.2.0 Updaterc1
Rubyonrails ≫ Rails Version4.2.0 Updaterc2
Rubyonrails ≫ Rails Version4.2.0 Updaterc3
Rubyonrails ≫ Rails Version4.2.1
Rubyonrails ≫ Rails Version4.2.1 Updaterc1
Rubyonrails ≫ Rails Version4.2.1 Updaterc2
Rubyonrails ≫ Rails Version4.2.1 Updaterc3
Rubyonrails ≫ Rails Version4.2.1 Updaterc4
Rubyonrails ≫ Rails Version4.2.2
Rubyonrails ≫ Rails Version4.2.3
Rubyonrails ≫ Rails Version4.2.3 Updaterc1
Rubyonrails ≫ Rails Version4.2.4
Rubyonrails ≫ Rails Version4.2.4 Updaterc1
Rubyonrails ≫ Rails Version4.2.5
Rubyonrails ≫ Rails Version4.2.5 Updaterc1
Rubyonrails ≫ Rails Version4.2.5 Updaterc2
Rubyonrails ≫ Rails Version5.0.0 Updatebeta1
Rubyonrails ≫ Ruby On Rails Version <= 3.2.22
Rubyonrails ≫ Ruby On Rails Version4.0.10 Updaterc2
Rubyonrails ≫ Ruby On Rails Version4.0.11
Rubyonrails ≫ Ruby On Rails Version4.0.11.1
Rubyonrails ≫ Ruby On Rails Version4.0.12
Rubyonrails ≫ Ruby On Rails Version4.0.13
Rubyonrails ≫ Ruby On Rails Version4.0.13 Updaterc1
Rubyonrails ≫ Ruby On Rails Version4.1.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.15% | 0.904 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|