CVE-2023-28846
CVE-2023-28846 affects the unpoly-rails gem used with Rails. The DoS arises when echoing the request URL in the X-Up-Location header: crafted requests with extremely long URLs can produce an oversized header, which may cause a downstream load balancer to remove the upstream from the pool, making ...