The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| miniprofiler | rack-mini-profiler | * |