Multiple format string vulnerabilities in log_subscriber.rb files in
the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15
allow remote attackers to cause a denial of service via a crafted e-mail address
that is improperly handled during construction of a log message.
CPE | Name | Operator | Version |
---|---|---|---|
actionmailer | le | 2.3.1 | |
actionmailer | ge | 2.4.0 | |
actionmailer | lt | 3.2.15 |