CVE-2019-11879 in Ruby Programming Language and Apache Products
Published on May 10, 2019

The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. NOTE: The vendor states that this is analogous to Options FollowSymlinks in the Apache HTTP Server, and therefore it is "not a problem.

NVD

Products Associated with CVE-2019-11879

stack.watch emails you whenever new vulnerabilities are published in Ruby Programming Language Webrick or Apache HTTP Server. Just hit a watch button to start following.

Ruby Programming Language Webrick

Apache HTTP Server

Exploit Probability

EPSS

0.04%

Percentile

10.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-11879 in Ruby Programming Language and Apache ProductsPublished on May 10, 2019

Products Associated with CVE-2019-11879

Exploit Probability

CVE-2019-11879 in Ruby Programming Language and Apache Products
Published on May 10, 2019