Sha256: bb38cbc25f6a0905a9e86e9a9802b136ad94c3db304e5e1ca09a787de98d6944

Contents?: true

Size: 518 Bytes

Versions: 6

Compression:

Stored size: 518 Bytes

Contents

---
gem: actionpack
framework: rails
cve: 2011-3186
osvdb: 74616
url: https://groups.google.com/forum/#!topic/rubyonrails-security/b_yTveAph2g
title: Response Splitting Vulnerability in Ruby on Rails
date: 2011-08-16

description: |
  A response splitting flaw in Ruby on Rails 2.3.x was reported that could allow
  a remote attacker to inject arbitrary HTTP headers into a response due to
  insufficient sanitization of the values provided for response content types.

cvss_v2: 4.3

patched_versions:
  - ">= 2.3.13"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/actionpack/OSVDB-74616.yml