Search for vulnerabilities
| Vulnerability ID | VCID-h8gs-ansa-9bd9 |
| Aliases |
GHSA-m53f-rhq8-q6hf
|
| Summary | Moderate severity vulnerability that affects actionpack Withdrawn, accidental duplicate publish. actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-m53f-rhq8-q6hf |
| generic_textual | MODERATE | https://github.com/advisories/GHSA-m53f-rhq8-q6hf |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2016-0751 |
| Reference id | Reference type | URL |
|---|---|---|
| https://github.com/advisories/GHSA-m53f-rhq8-q6hf | ||
| https://nvd.nist.gov/vuln/detail/CVE-2016-0751 |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T13:03:43.043662+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/09/GHSA-m53f-rhq8-q6hf/GHSA-m53f-rhq8-q6hf.json | 38.0.0 |