Vulnerabilities related to Rails - https://github.com/rails/rails
cve-2019-5419
Vulnerability from cvelistv5
Published
2019-03-27 13:43
Modified
2024-08-04 19:54
Summary
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted Accept headers can cause Action View to consume 100% CPU and make the server unresponsive.
References
Impacted products
Vendor | Product | Version
---|---|---
Rails | https://github.com/rails/rails | 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1

Note: the versions listed here are the releases named in the summary as the upper bounds ("<5.2.2.1", "<5.1.6.2", "<5.0.7.2", "<4.2.11.1"), i.e. the patched releases; earlier releases in each series are the affected ones, so check installed versions against the summary rather than against this column.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.468Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/GN7w9fFAQeI", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: "RHSA-2019:0796", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1289", }, { name: 
"openSUSE-SU-2019:1527", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html", }, { name: "openSUSE-SU-2019:1824", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/rails/rails", vendor: "Rails", versions: [ { status: "affected", version: "5.2.2.1", }, { status: "affected", version: "5.1.6.2", }, { status: "affected", version: "5.0.7.2", }, { status: "affected", version: "4.2.11.1", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "Denial of Service (CWE-400)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-01T20:06:09", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/GN7w9fFAQeI", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: 
"RHSA-2019:0796", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1289", }, { name: "openSUSE-SU-2019:1527", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html", }, { name: "openSUSE-SU-2019:1824", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-5419", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "https://github.com/rails/rails", version: { version_data: [ { version_value: "5.2.2.1", }, { version_value: "5.1.6.2", }, { version_value: "5.0.7.2", }, { version_value: "4.2.11.1", }, ], }, }, ], }, vendor_name: "Rails", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action 
view to consume 100% cpu and make the server unresponsive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service (CWE-400)", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { name: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", refsource: "CONFIRM", url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { name: "https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI", refsource: "CONFIRM", url: "https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: "RHSA-2019:0796", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1289", }, { name: "openSUSE-SU-2019:1527", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html", }, { name: "openSUSE-SU-2019:1824", refsource: "SUSE", url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-5419", datePublished: "2019-03-27T13:43:19", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.468Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5420
Vulnerability from cvelistv5
Published
2019-03-27 13:48
Modified
2024-08-04 19:54
Summary
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
References
URL | Tags
---|---
https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/ | x_refsource_CONFIRM
https://groups.google.com/forum/#%21topic/rubyonrails-security/IsQKvDqZdKw | x_refsource_CONFIRM
http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html | x_refsource_MISC
https://www.exploit-db.com/exploits/46785/ | exploit, x_refsource_EXPLOIT-DB
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/ | vendor-advisory, x_refsource_FEDORA
Impacted products
Vendor | Product | Version
---|---|---
Rails | https://github.com/rails/rails | 5.2.2.1, 6.0.0.beta3

Note: the versions listed here are the releases named in the summary as the upper bounds ("<5.2.2.1", "<6.0.0.beta3"), i.e. the patched releases; earlier releases in each series running in development mode are the affected ones, so check installed versions against the summary rather than against this column.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.584Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/IsQKvDqZdKw", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html", }, { name: "46785", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/46785/", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/rails/rails", vendor: "Rails", versions: [ { status: "affected", version: "5.2.2.1", }, { status: "affected", version: "6.0.0.beta3", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. 
This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "Command Injection - Generic (CWE-77)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-10T02:06:01", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/IsQKvDqZdKw", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html", }, { name: "46785", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/46785/", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-5420", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "https://github.com/rails/rails", version: { version_data: [ { version_value: "5.2.2.1", }, { version_value: "6.0.0.beta3", }, ], }, }, ], }, vendor_name: "Rails", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. 
This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Command Injection - Generic (CWE-77)", }, ], }, ], }, references: { reference_data: [ { name: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", refsource: "CONFIRM", url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { name: "https://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw", refsource: "CONFIRM", url: "https://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw", }, { name: "http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html", }, { name: "46785", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/46785/", }, { name: "FEDORA-2019-1cfe24db5c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-5420", datePublished: "2019-03-27T13:48:13", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.584Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5418
Vulnerability from cvelistv5
Published
2019-03-27 13:38
Modified
2024-08-04 19:54
Summary
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted Accept headers can cause the contents of arbitrary files on the target system's filesystem to be exposed.
References
Impacted products
Vendor | Product | Version
---|---|---
Rails | https://github.com/rails/rails | 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1

Note: the versions listed here are the releases named in the summary as the upper bounds ("<5.2.2.1", "<5.1.6.2", "<5.0.7.2", "<4.2.11.1"), i.e. the patched releases; earlier releases in each series, and the v3 series the summary also names, are the affected ones, so check installed versions against the summary rather than against this column.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.606Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "46585", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/46585/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html", }, { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/pFRKI96Sm8Q", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: "RHSA-2019:0796", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", tags: [ 
"vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1289", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/rails/rails", vendor: "Rails", versions: [ { status: "affected", version: "5.2.2.1", }, { status: "affected", version: "5.1.6.2", }, { status: "affected", version: "5.0.7.2", }, { status: "affected", version: "4.2.11.1", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "Path Traversal (CWE-22)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-11T18:33:30", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { name: "46585", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/46585/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html", }, { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://groups.google.com/forum/#%21topic/rubyonrails-security/pFRKI96Sm8Q", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] 
rails security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: "RHSA-2019:0796", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1289", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-5418", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "https://github.com/rails/rails", version: { version_data: [ { version_value: "5.2.2.1", }, { version_value: "5.1.6.2", }, { version_value: "5.0.7.2", }, { version_value: "4.2.11.1", }, ], }, }, ], }, vendor_name: "Rails", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Path Traversal (CWE-22)", }, 
], }, ], }, references: { reference_data: [ { name: "46585", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/46585/", }, { name: "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html", }, { name: "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/22/1", }, { name: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", refsource: "CONFIRM", url: "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/", }, { name: "https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q", refsource: "CONFIRM", url: "https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q", }, { name: "[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html", }, { name: "RHSA-2019:0796", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0796", }, { name: "openSUSE-SU-2019:1344", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html", }, { name: "FEDORA-2019-1cfe24db5c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/", }, { name: "RHSA-2019:1149", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1149", }, { name: "RHSA-2019:1147", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1147", }, { name: "RHSA-2019:1289", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1289", }, ], }, }, }, }, cveMetadata: { assignerOrgId: 
"36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-5418", datePublished: "2019-03-27T13:38:58", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.606Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }