A vulnerability was found in CarrierWave up to 2.2.5/3.0.6 and classified as problematic. Affected by this issue is some unknown functionality of the component Incomplete Fix CVE-2023-49090. The manipulation of the argument Content-Type leads to interpretation conflict.
This vulnerability is handled as CVE-2024-29034. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.