vulnerability
Ruby on Rails: Unspecified Security Vulnerability (CVE-2019-5418)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | 2019-03-27 | 2020-01-03 | 2024-11-27 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
2019-03-27
Added
2020-01-03
Modified
2024-11-27
Description
There is a File Content Disclosure vulnerability in Action View
Solution(s)
ruby-on-rails-upgrade-4_2_11_1ruby-on-rails-upgrade-5_0_7_2ruby-on-rails-upgrade-5_1_6_2ruby-on-rails-upgrade-5_2_2_1
References
- CVE-2019-5418
- https://attackerkb.com/topics/CVE-2019-5418
- URL-http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html
- URL-http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html
- URL-http://www.openwall.com/lists/oss-security/2019/03/22/1
- URL-https://access.redhat.com/errata/RHSA-2019:0796
- URL-https://access.redhat.com/errata/RHSA-2019:1147
- URL-https://access.redhat.com/errata/RHSA-2019:1149
- URL-https://access.redhat.com/errata/RHSA-2019:1289
- URL-https://groups.google.com/forum/#%21topic/rubyonrails-security/pFRKI96Sm8Q
- URL-https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/
- URL-https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
- URL-https://www.exploit-db.com/exploits/46585/
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.