OS X security update for Profile Manager (CVE-2016-0751)
|5||(AV:N/AC:L/Au:N/C:N/I:N/A:P)||February 14, 2016||March 27, 2017||October 29, 2017|
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 184.108.40.206, 4.0.x and 4.1.x before 220.127.116.11, 4.2.x before 18.104.22.168, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!