Lucene search

CVE-2019-16201

🗓️ 26 Nov 2019 18:15:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 392 Views

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 134
NVD	CVE-2019-16201	26 Nov 201918:15	–	nvd
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2019-16201	4 Mar 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1615)	2 Jun 202000:00	–	nessus
Tenable Nessus	Photon OS 1.0: Ruby PHSA-2019-1.0-0263	16 Jan 202000:00	–	nessus
Tenable Nessus	Photon OS 2.0: Ruby PHSA-2019-2.0-0196	16 Jan 202000:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS / 18.04 LTS : Ruby vulnerabilities (USN-4201-1)	27 Nov 201900:00	–	nessus
Tenable Nessus	Debian DSA-4587-1 : ruby2.3 - security update	18 Dec 201900:00	–	nessus
Tenable Nessus	Photon OS 3.0: Ruby PHSA-2020-3.0-0047	18 Jan 202000:00	–	nessus
Tenable Nessus	Debian DLA-2027-1 : jruby security update	12 Dec 201900:00	–	nessus
Tenable Nessus	GLSA-202003-06 : Ruby: Multiple vulnerabilities	13 Mar 202000:00	–	nessus

Nvd

Node

ruby-lang rubyRange2.4.0–2.4.7

ruby-lang rubyRange2.5.0–2.5.6

ruby-lang rubyRange2.6.0–2.6.4

Node

debian debian_linuxMatch8.0

Source	Link
debian	www.debian.org/security/2019/dsa-4587
lists	www.lists.debian.org/debian-lts-announce/2019/11/msg00025.html
hackerone	www.hackerone.com/reports/661722
lists	www.lists.debian.org/debian-lts-announce/2020/08/msg00027.html
seclists	www.seclists.org/bugtraq/2019/Dec/32
lists	www.lists.debian.org/debian-lts-announce/2023/04/msg00033.html
lists	www.lists.debian.org/debian-lts-announce/2019/12/msg00009.html
security	www.security.gentoo.org/glsa/202003-06
seclists	www.seclists.org/bugtraq/2019/Dec/31
lists	www.lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Nov 2019 18:15Current

7.6High risk

Vulners AI Score7.6

CVSS27.8

CVSS37.5

EPSS0.00446

CWE-287