---

CVE-2021-22902 - log back

CVE-2021-22902 edited at 05 May 2021 16:55:45
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before 6.0.3.7 and 6.1.0.2. Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression engine.
References	+ https://www.openwall.com/lists/oss-security/2021/05/05/1

CVE-2021-22902 created at 05 May 2021 16:51:45
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes