CVE-2019-5418 vulnerabilities and exploits

(subscribe to this query)

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.

Rubyonrails Rails Debian Debian Linux 8.0 Redhat Cloudforms 4.7 Opensuse Leap 15.0 Fedoraproject Fedora 30 Redhat Cloudforms 4.6 Redhat Software Collections 1.0

1 EDB exploit12 Github repositories

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.

Rubyonrails Rails Debian Debian Linux 8.0 Redhat Cloudforms 4.6 Redhat Cloudforms 4.7 Redhat Software Collections 1.0 Opensuse Leap 15.0 Opensuse Leap 15.1 Fedoraproject Fedora 30

3 Github repositories

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an malicious user to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in ve...

Rubyonrails Rails Redhat Cloudforms 4.6

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an malicious user to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a re...

Rubyonrails Rails Rubyonrails Rails 6.0.0 Debian Debian Linux 8.0 Fedoraproject Fedora 30

1 EDB exploit15 Github repositories

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook