Description
actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching.
Remediation
References
Related Vulnerabilities
MySQL CVE-2023-22057 Vulnerability (CVE-2023-22057)
Joomla! Core 1.5.x Variable Injection (1.5.0 - 1.5.6)
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4286)
Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)