VYPR
High severity7.5NVD Advisory· Published Feb 16, 2016· Updated Jun 17, 2026

CVE-2016-0751

CVE-2016-0751

Description

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
actionpackRubyGems
>= 4.2.0, < 4.2.5.14.2.5.1
actionpackRubyGems
< 3.2.22.13.2.22.1
actionpackRubyGems
>= 4.0.0, < 4.1.14.14.1.14.1

Affected products

86

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.