ASA-2019-00131 – Ruby on Rails: Denial of Service Vulnerability in Action View

Specially crafted accept headers can cause the Action View template location code to consume 100% CPU, causing the server unable to process requests. This impacts all Rails applications that render views. All users running an affected release should either upgrade or use one of the workarounds immediately.