Описание
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rails | fixed | 2:4.2.5.1-1 | package | |
| rails | not-affected | wheezy | package | |
| rails | end-of-life | squeeze | package | |
| ruby-actionpack-3.2 | removed | package | ||
| ruby-actionpack-3.2 | not-affected | wheezy | package | |
| ruby-actionpack-2.3 | removed | package | ||
| ruby-actionpack-2.3 | end-of-life | wheezy | package |
EPSS
Связанные уязвимости
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
actionpack is vulnerable to denial of service because of a wildcard controller route
Уязвимость программной платформы Ruby on Rails, позволяющая нарушителю вызвать отказ в обслуживании
EPSS