Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0082

Опубликовано: 18 фев. 2014
Источник: redhat
CVSS2: 5
EPSS Низкий

Описание

actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers.

Отчет

Red Hat OpenShift Enterprise 1.2 is now in Production 1 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat OpenShift Enterprise Life Cycle: https://access.redhat.com/site/support/policy/updates/openshift.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Enterprise 1ruby193-rubygem-actionpackWill not fix
Red Hat OpenStack Platform 3ruby193-rubygem-actionpackAffected
Red Hat OpenStack Platform 4ruby193-rubygem-actionpackAffected
Red Hat Satellite 6ruby193-rubygem-actionpackAffected
Red Hat Software Collectionsror40-rubygem-actionpackNot affected
Red Hat Subscription Asset Managerruby193-rubygem-actionpackWill not fix
CloudForms Management Engine 5.xcfmeFixedRHSA-2014:021511.03.2014
CloudForms Management Engine 5.xruby193-rubyFixedRHSA-2014:021511.03.2014
CloudForms Management Engine 5.xruby193-rubygem-actionpackFixedRHSA-2014:021511.03.2014
CloudForms Management Engine 5.xruby193-rubygem-amq-protocolFixedRHSA-2014:021511.03.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1065538rubygem-actionpack: Action View string handling denial of service

EPSS

Процентиль: 91%
0.06456
Низкий

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0082

ubuntu
почти 12 лет назад

actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers.

nvd логотип

CVE-2014-0082

nvd
почти 12 лет назад

actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers.

debian логотип

CVE-2014-0082

debian
почти 12 лет назад

actionpack/lib/action_view/template/text.rb in Action View in Ruby on ...

github логотип

GHSA-7cgp-c3g7-qvrw

github
больше 8 лет назад

actionpack Improper Input Validation vulnerability

EPSS

Процентиль: 91%
0.06456
Низкий

5 Medium

CVSS2