๐ Internet Bug Bounty: [CVE-2024-26142] ReDoS vulnerability in Accept header parsing in Action Dispatch
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
I've made a report and provided a patch https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946 Impact Carefully crafted Accept headers can cause Accept header parsing in Action Dispatch to take an unexpected amount of time, possibly resulting in a DoS... ...