Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
rubygem-actionpack 安全漏洞
Vulnerability Description
actionpack是用于构建和测试 MVC Web 应用程序的简单、久经考验的约定。适用于任何与机架兼容的服务器。 rubygem-actionpack存在安全漏洞。攻击者利用该漏洞执行拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A