Information Exposure Affecting rack-mini-profiler package, versions < 0.10.1
Snyk CVSS
Attack Complexity
Low
Threat Intelligence
EPSS
0.21% (60th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUBY-RACKMINIPROFILER-20267
- published 17 May 2016
- disclosed 17 May 2016
- credit Unknown
Introduced: 17 May 2016
CVE-2016-4442 Open this link in a new tabOverview
rack-mini-profiler is a profiling toolkit for Rack applications with Rails integration. Affected versions of this gem are vulnerable to information exposure via carefully crafted requests. Attackers and unauthorized users can get ahold of strings and objects allocated during the request.