There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.

References

bugzilla.redhat.com/show_bug.cgi?id=1689160

groups.google.com/forum/#!msg/rubyonrails-security/GN7w9fFAQeI/0iQIiLP2CgAJ

nvd.nist.gov/vuln/detail/CVE-2019-5419

www.cve.org/CVERecord?id=CVE-2019-5419

ubuntucve 1

cvelist 1

debiancve 1

cve 1

veracode 1

nvd 1

prion 1

ibm 1

gitlab 1

osv 3

rubygems 1

debian 1

suse 5

nessus 16

openvas 23

redhat 4

freebsd 1

github 1

githubexploit 2

fedora 11

ubuntucve

CVE-2019-5419

2019-03-27 00:00:00

cvelist

CVE-2019-5419

2019-03-27 13:43:19

debiancve

CVE-2019-5419

2019-03-27 14:29:01

cve

CVE-2019-5419

2019-03-27 14:29:01

veracode

Denial Of Service (DoS)

2019-03-14 03:23:36

nvd

CVE-2019-5419

2019-03-27 14:29:01

prion

Denial of service

2019-03-27 14:29:00

ibm

Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2019-5419).

2019-10-10 19:56:25

gitlab

Allocation of Resources Without Limits or Throttling

2019-03-27 00:00:00

osv

CVE-2019-5419

2019-03-27 14:29:01

Denial of Service Vulnerability in Action View

2019-03-13 17:25:55

rails - security update

2019-03-30 00:00:00

rubygems

Denial of Service Vulnerability in Action View

2019-03-12 21:00:00

debian

[SECURITY] [DLA 1739-1] rails security update

2019-03-31 13:51:06

suse

Security update for rubygem-actionpack-5_1 (moderate)

2019-05-08 00:00:00

Security update for rmt-server (important)

2019-08-01 00:00:00

Security update for rmt-server (important)

2019-06-07 00:00:00

nessus

openSUSE Security Update : rubygem-actionpack-5_1 (openSUSE-2019-1344)

2019-05-09 00:00:00

Debian DLA-1739-1 : rails security update

2019-04-01 00:00:00

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1381-1)

2019-05-31 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2019:1381-1)

2021-06-09 00:00:00

openSUSE: Security Advisory for rmt-server (openSUSE-SU-2019:1824-1)

2020-01-09 00:00:00

openSUSE: Security Advisory for rmt-server (openSUSE-SU-2019:1527-1)

2019-06-08 00:00:00

redhat

(RHSA-2019:1147) Important: rh-ror50-rubygem-actionpack security update

2019-05-13 08:36:21

(RHSA-2019:1149) Important: rh-ror42-rubygem-actionpack security update

2019-05-13 08:53:04

(RHSA-2019:1289) Important: CloudForms 4.6.9 security, bug fix and enhancement update

2019-05-29 12:36:40

freebsd

Rails -- Action View vulnerabilities

2019-03-13 00:00:00

github

Denial of Service Vulnerability in Action View

2019-03-13 17:25:55

githubexploit

Exploit for Vulnerability in Rubyonrails Rails

2019-03-16 11:58:18

Exploit for Vulnerability in Rubyonrails Rails

2019-03-23 02:52:31

fedora

[SECURITY] Fedora 30 Update: rubygem-actionpack-5.2.3-2.fc30

2019-05-10 00:48:41

[SECURITY] Fedora 30 Update: rubygem-activesupport-5.2.3-1.fc30

2019-05-10 00:48:41

[SECURITY] Fedora 30 Update: rubygem-railties-5.2.3-1.fc30

2019-05-10 00:48:41

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.003 Low

EPSS

Percentile

71.4%

JSON

Related for RH:CVE-2019-5419