---
url: http://www.osvdb.org/show/osvdb/84243
title: Ruby on Rails actionpack/lib/action_controller/metal/http_authentication.rb with_http_digest Helper Method Remote DoS 

description: >
  Ruby on Rails contains a flaw that may allow a remote denial of
  service. The issue is triggered when an error occurs in
  actionpack/lib/action_controller/metal/http_authentication.rb when the
  with_http_digest helper method is being used. This may allow a remote
  attacker to cause a loss of availability for the program.

cvss_v2: 4.3

patched_versions:
  - ~> 3.0.16
  - ~> 3.1.7
  - ">= 3.2.7"