Skip to content

Commit 18786e5

Browse files
phillmvphillmv
authored
Merge pull request #264 from xthk/CVE-2016-4442
Add CVE-2016-4442 for rack-mini-profiler
2 parents 7197f4b + dbea966 commit 18786e5

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

gems/rack-mini-profiler/CVE-2016-4442.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
gem: rack-mini-profiler
3+
cve: 2016-4442
4+
url: https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c
5+
title: rack-mini-profiler may disclose information to unauthorized users
6+
date: 2016-05-18
7+
description: >-
8+
Carefully crafted requests can expose information about
9+
strings and objects allocated during the request for unauthorised
10+
users.
11+
12+
patched_versions:
13+
- ">= 0.10.1"
14+
15+
related:
16+
url:
17+
- http://seclists.org/oss-sec/2016/q2/516

0 commit comments

Comments
 (0)