Description
actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Post Popup Directory Traversal (2.0)
PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567)
WordPress Plugin QR Redirector Cross-Site Scripting (1.6)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)