Ruby on Rails Resource Management Errors Vulnerability - CVE-2016-0751 - Vulnerability Database

Ruby on Rails Resource Management Errors Vulnerability - CVE-2016-0751

High
Reference: CVE-2016-0751
Title: Ruby on Rails Resource Management Errors Vulnerability
Overview:

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1 4.0.x and 4.1.x before 4.1.14.1 4.2.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.