← back
CVE-2013-6414

CVE-2013-6414

23Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 21%
from disclosure to weapon0 days
Published on NVDDec 7
metasploitDec 4
exploitation probability
21%top 3% of all CVEs
observed exploitation
nono source reports it
actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching.
Affected products
n/a · n/a