24Mar
CVE-2024-29034 | CarrierWave up to 2.2.5/3.0.6 Incomplete Fix CVE-2023-49090 Content-Type interpretation conflict
A vulnerability was found in CarrierWave up to 2.2.5/3.0.6 and classified as problematic. Affected by this issue is some unknown functionality of the component Incomplete Fix CVE-2023-49090. The manipulation of the argument Content-Type leads to interpretation conflict. This vulnerability is handled as CVE-2024-29034. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.