Lucene search
Ubuntu.comUB:CVE-2014-0082HistoryFeb 20, 2014 - 12:00 a.m.
CVE-2014-0082
2014-02-2000:00:00
ubuntu.com
ubuntu.com
14
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.7%
actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails
3.x before 3.2.17 converts MIME type strings to symbols during use of the
:text option to the render method, which allows remote attackers to cause a
denial of service (memory consumption) by including these strings in
headers.
Notes
| Author | Note |
|---|---|
| seth-arnold | in Oneiric-Saucy, rails package is just for transition |
References
Related
prion
prion
Code injection
2014-02-20 15:27:00
osv
osv
actionpack Improper Input Validation vulnerability
2017-10-24 18:33:36
ruby-actionpack-3.2 - security update
2014-05-16 00:00:00
github
github
actionpack Improper Input Validation vulnerability
2017-10-24 18:33:36
cve
cve
CVE-2014-0082
2014-02-20 15:27:00
debiancve
debiancve
CVE-2014-0082
2014-02-20 15:27:00
rubygems
rubygems
nessus
nessus
CentOS 6 : ruby193-rubygem-actionpack (CESA-2014:0306)
2014-03-18 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0295-1)
2014-06-13 00:00:00
Debian DSA-2929-1 : ruby-actionpack-3.2 - security update
2014-05-19 00:00:00
ibm
ibm
centos
centos
ruby193 security update
2014-03-17 21:55:16
redhat
redhat
(RHSA-2014:0306) Moderate: ruby193-rubygem-actionpack security update
2014-03-17 00:00:00
(RHSA-2014:0215) Critical: cfme security, bug fix, and enhancement update
2014-03-11 00:00:00
debian
debian
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update
2014-05-16 08:15:07
openvas
openvas
Debian Security Advisory DSA 2929-1 (ruby-actionpack-3.2 - security update)
2014-05-16 00:00:00
Debian: Security Advisory (DSA-2929-1)
2014-05-15 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-3232
2014-03-12 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update
2014-06-14 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:01:21
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-6.fc19
2014-05-23 18:58:55
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-5.fc19
2014-03-11 04:11:08
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.7%
Related for UB:CVE-2014-0082