Lucene search
+L

217 matches found

OSV
OSV
added 2019/03/27 2:29 p.m.23 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.5CVSS7.3AI score
Exploits0References12
NVD
NVD
added 2019/03/27 2:29 p.m.29 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.8CVSS7.3AI score0.08671EPSS
Exploits3References12
NVD
NVD
added 2019/03/27 2:29 p.m.28 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7.5CVSS7.4AI score0.98507EPSS
Exploits18References14
Prion
Prion
added 2019/03/27 2:29 p.m.30 views

Denial of service

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.8CVSS7.1AI score0.08671EPSS
Exploits3References12Affected Software6
Prion
Prion
added 2019/03/27 2:29 p.m.33 views

Design/Logic Flaw

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

5CVSS7.2AI score0.98507EPSS
Exploits18References12Affected Software6
UbuntuCve
UbuntuCve
added 2019/03/27 2:29 p.m.46 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7.5CVSS7.1AI score0.98507EPSS
Exploits18References4
UbuntuCve
UbuntuCve
added 2019/03/27 2:29 p.m.39 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.8CVSS6.8AI score0.08671EPSS
Exploits3References2
canvas
canvas
added 2019/03/27 2:29 p.m.51 views

Immunity Canvas: RAILS_ACCEPT_READFILE

Name| railsacceptreadfile ---|--- CVE| CVE-2019-5418 Exploit Pack| CANVAS Description| Ruby on Rails Arbitrary File Read CVE-2019-5418 Notes| CVE Name: CVE-2019-5418 VENDOR: Rails NOTES: The vulnerability resides in Action View in combination with calls to 'render file:' in a controller. You need...

5CVSS0.6AI score0.98507EPSS
Exploits18
OSV
OSV
added 2019/03/27 2:29 p.m.10 views

UBUNTU-CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7.5CVSS7AI score0.98507EPSS
Exploits18References5
OSV
OSV
added 2019/03/27 2:29 p.m.12 views

UBUNTU-CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.5CVSS7.1AI score0.08671EPSS
Exploits3References3
CVE
CVE
added 2019/03/27 1:43 p.m.274 views

CVE-2019-5419

CVE-2019-5419 describes a denial-of-service in Ruby on Rails Action View triggered by specially crafted Accept headers, affecting Rails <5.2.2.1, <5.1.6.2, <5.0.7.2,

7.8CVSS8.1AI score0.08671EPSS
Exploits3References12Affected Software1
Cvelist
Cvelist
added 2019/03/27 1:43 p.m.40 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

8.2AI score0.08671EPSS
Exploits3References12
Debian CVE
Debian CVE
added 2019/03/27 1:43 p.m.61 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.8CVSS6.6AI score0.08671EPSS
Exploits3
Vulnrichment
Vulnrichment
added 2019/03/27 1:38 p.m.7 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7AI score0.98507EPSS
Exploits18References12
Debian CVE
Debian CVE
added 2019/03/27 1:38 p.m.39 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7.5CVSS7.4AI score0.98507EPSS
Exploits18
Cvelist
Cvelist
added 2019/03/27 1:38 p.m.33 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

7.5AI score0.98507EPSS
Exploits18References12
CVE
CVE
added 2019/03/27 1:38 p.m.421 views

CVE-2019-5418

CVE-2019-5418 (Rails/Action View) affects Rails/Action View versions prior to 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3. The flaw is a File Content Disclosure via specially crafted accept headers in combination with calls to render file:, allowing an attacker to disclose contents of arbitrary fi...

7.5CVSS8.3AI score0.98507EPSS
In wildExploits18References14Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/03/27 12:0 a.m.46 views

Ruby on Rails 5.2 "DoubleTap" Directory Traversal

Ruby on Rails 5.2.2 and prior are vulnerable to a directory traversal attack due to the way the HTTP ACCEPT header is parsed, which ends up being a template for Rails to render. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Background Ruby on Rails is a server-side web...

7.5CVSS0.3AI score0.98507EPSS
Exploits18References6
ATTACKERKB
ATTACKERKB
added 2019/03/27 12:0 a.m.6 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system’s filesystem to be exposed. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...

7.5CVSS7AI score0.98507EPSS
In wildExploits18References17
GitLab Advisory Database
GitLab Advisory Database
added 2019/03/27 12:0 a.m.34 views

Allocation of Resources Without Limits or Throttling

There is a possible denial of service vulnerability in Action View Rails where specially crafted accept headers can cause action view to consume % cpu and make the server unresponsive...

7.8CVSS4.2AI score0.08671EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder