CVE-2016-4442
The CVE concerns the rack-mini-profiler gem for Ruby, specifically versions before 0.10.1. The underlying issue is an incorrect ordering of security checks that can allow remote attackers to obtain sensitive information about allocated strings and objects. This is confirmed in multiple connected ...
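The bug class described above, as an added illustration that is not rack-mini-profiler's code: a Rack-style middleware in plain Ruby whose diagnostic branch runs before the authorization check, next to the corrected ordering. The `diag=heap` parameter, the loopback-only policy and all class and method names are assumptions made for the example.

```ruby
# Constructed illustration of check ordering; hypothetical names throughout,
# not taken from rack-mini-profiler.
PLAIN = { "content-type" => "text/plain" }.freeze

# Stand-in for a diagnostic report about allocated strings and objects.
def heap_report
  counts = ObjectSpace.count_objects
  "strings=#{counts[:T_STRING]} objects=#{counts[:T_OBJECT]}"
end

# Assumed policy for the example: only loopback clients may see diagnostics.
def authorized?(env)
  env["REMOTE_ADDR"] == "127.0.0.1"
end

def diagnostic_request?(env)
  env["QUERY_STRING"].to_s.split("&").include?("diag=heap")
end

# Flawed ordering: the diagnostic branch returns before authorization runs,
# so the later check only protects the remaining profiler features.
class FlawedOrder
  def initialize(app); @app = app; end
  def call(env)
    return [200, PLAIN, [heap_report]] if diagnostic_request?(env)
    return @app.call(env) unless authorized?(env)
    status, headers, body = @app.call(env)
    [status, headers.merge("x-profiled" => "1"), body]
  end
end

# Corrected ordering: authorization is the first decision, ahead of every
# branch that can emit profiler or diagnostic data.
class FixedOrder
  def initialize(app); @app = app; end
  def call(env)
    return @app.call(env) unless authorized?(env)
    return [200, PLAIN, [heap_report]] if diagnostic_request?(env)
    status, headers, body = @app.call(env)
    [status, headers.merge("x-profiled" => "1"), body]
  end
end

app = ->(_env) { [200, {}, ["app response"]] }
remote = { "REMOTE_ADDR" => "203.0.113.7", "QUERY_STRING" => "diag=heap" } # constructed request
puts FlawedOrder.new(app).call(remote)[2].first # heap counts reach a remote client
puts FixedOrder.new(app).call(remote)[2].first  # request falls through to the app
```

A regression test for this kind of fix sends each diagnostic request from an unauthorized client and asserts that the response is the application's own, not the profiler's.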