Search
Find a vulnerability
Search criteria
2 vulnerabilities found for rack-mini-profiler by miniprofiler
CVE-2016-4442 (GCVE-0-2016-4442)
Vulnerability from nvd – Published: 2017-05-02 14:00 – Updated: 2024-08-06 00:32
VLAI
EPSS
VEX
Summary
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/MiniProfiler/rack-mini-profile… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/06/10/2 | mailing-listx_refsource_MLIST |
| https://github.com/MiniProfiler/rack-mini-profile… | x_refsource_CONFIRM |
Date Public
2016-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-02T13:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"name": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c",
"refsource": "CONFIRM",
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4442",
"datePublished": "2017-05-02T14:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:24.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4442 (GCVE-0-2016-4442)
Vulnerability from cvelistv5 – Published: 2017-05-02 14:00 – Updated: 2024-08-06 00:32
VLAI
EPSS
VEX
Summary
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/MiniProfiler/rack-mini-profile… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/06/10/2 | mailing-listx_refsource_MLIST |
| https://github.com/MiniProfiler/rack-mini-profile… | x_refsource_CONFIRM |
Date Public
2016-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-02T13:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/MiniProfiler/rack-mini-profiler/blob/v0.10.1/CHANGELOG.md"
},
{
"name": "[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/10/2"
},
{
"name": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c",
"refsource": "CONFIRM",
"url": "https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4442",
"datePublished": "2017-05-02T14:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:24.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}