7.5
CVE-2016-0751
- EPSS 6.15%
- Veröffentlicht 16.02.2016 02:59:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rubyonrails ≫ Rails Version4.0.0 Update-
Rubyonrails ≫ Rails Version4.0.0 Updatebeta
Rubyonrails ≫ Rails Version4.0.0 Updaterc1
Rubyonrails ≫ Rails Version4.0.0 Updaterc2
Rubyonrails ≫ Rails Version4.0.1 Update-
Rubyonrails ≫ Rails Version4.0.1 Updaterc1
Rubyonrails ≫ Rails Version4.0.1 Updaterc2
Rubyonrails ≫ Rails Version4.0.1 Updaterc3
Rubyonrails ≫ Rails Version4.0.1 Updaterc4
Rubyonrails ≫ Rails Version4.0.2
Rubyonrails ≫ Rails Version4.0.3
Rubyonrails ≫ Rails Version4.0.4
Rubyonrails ≫ Rails Version4.0.5
Rubyonrails ≫ Rails Version4.0.6
Rubyonrails ≫ Rails Version4.0.6 Updaterc1
Rubyonrails ≫ Rails Version4.0.6 Updaterc2
Rubyonrails ≫ Rails Version4.0.6 Updaterc3
Rubyonrails ≫ Rails Version4.0.7
Rubyonrails ≫ Rails Version4.0.8
Rubyonrails ≫ Rails Version4.0.9
Rubyonrails ≫ Rails Version4.0.10
Rubyonrails ≫ Rails Version4.0.10 Updaterc1
Rubyonrails ≫ Rails Version4.1.0 Update-
Rubyonrails ≫ Rails Version4.1.0 Updatebeta1
Rubyonrails ≫ Rails Version4.1.1
Rubyonrails ≫ Rails Version4.1.2
Rubyonrails ≫ Rails Version4.1.2 Updaterc1
Rubyonrails ≫ Rails Version4.1.2 Updaterc2
Rubyonrails ≫ Rails Version4.1.2 Updaterc3
Rubyonrails ≫ Rails Version4.1.3
Rubyonrails ≫ Rails Version4.1.4
Rubyonrails ≫ Rails Version4.1.5
Rubyonrails ≫ Rails Version4.1.6 Updaterc1
Rubyonrails ≫ Rails Version4.1.7
Rubyonrails ≫ Rails Version4.1.8
Rubyonrails ≫ Rails Version4.1.9
Rubyonrails ≫ Rails Version4.1.10
Rubyonrails ≫ Rails Version4.1.12
Rubyonrails ≫ Rails Version4.1.13
Rubyonrails ≫ Rails Version4.2.0 Updatebeta1
Rubyonrails ≫ Rails Version4.2.0 Updatebeta2
Rubyonrails ≫ Rails Version4.2.0 Updatebeta3
Rubyonrails ≫ Rails Version4.2.0 Updatebeta4
Rubyonrails ≫ Rails Version4.2.0 Updaterc1
Rubyonrails ≫ Rails Version4.2.0 Updaterc2
Rubyonrails ≫ Rails Version4.2.0 Updaterc3
Rubyonrails ≫ Rails Version4.2.1
Rubyonrails ≫ Rails Version4.2.1 Updaterc1
Rubyonrails ≫ Rails Version4.2.1 Updaterc2
Rubyonrails ≫ Rails Version4.2.1 Updaterc3
Rubyonrails ≫ Rails Version4.2.1 Updaterc4
Rubyonrails ≫ Rails Version4.2.2
Rubyonrails ≫ Rails Version4.2.3
Rubyonrails ≫ Rails Version4.2.3 Updaterc1
Rubyonrails ≫ Rails Version4.2.4
Rubyonrails ≫ Rails Version4.2.4 Updaterc1
Rubyonrails ≫ Rails Version4.2.5
Rubyonrails ≫ Rails Version4.2.5 Updaterc1
Rubyonrails ≫ Rails Version4.2.5 Updaterc2
Rubyonrails ≫ Rails Version5.0.0 Updatebeta1
Rubyonrails ≫ Ruby On Rails Version <= 3.2.22
Rubyonrails ≫ Ruby On Rails Version4.0.10 Updaterc2
Rubyonrails ≫ Ruby On Rails Version4.0.11
Rubyonrails ≫ Ruby On Rails Version4.0.11.1
Rubyonrails ≫ Ruby On Rails Version4.0.12
Rubyonrails ≫ Ruby On Rails Version4.0.13
Rubyonrails ≫ Ruby On Rails Version4.0.13 Updaterc1
Rubyonrails ≫ Ruby On Rails Version4.1.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.15% | 0.904 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|