OS X security update for Profile Manager (CVE-2016-0751)
|5||(AV:N/AC:L/Au:N/C:N/I:N/A:P)||February 15, 2016||March 28, 2017||October 30, 2017|
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 126.96.36.199, 4.0.x and 4.1.x before 188.8.131.52, 4.2.x before 184.108.40.206, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities