GHSA-995j-587r-259w

Опубликовано: 13 авг. 2018

Источник: github

Github: Прошло ревью

Описание

Moderate severity vulnerability that affects rack-mini-profiler

Withdrawn, accidental duplicate publish.

The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2016-4442
https://github.com/advisories/GHSA-995j-587r-259w

Пакеты

Наименование

rack-mini-profiler

rubygems

Затронутые версииВерсия исправления

< 0.10.1

0.10.1