CVE-2019-5419 vulnerability in Red Hat and Other Products
Published on March 27, 2019
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
NVD
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2019-5419 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2019-5419
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-5419 are published in these products:
Affected Versions
https://github.com/rails/rails:- Version 5.2.2.1 is affected.
- Version 5.1.6.2 is affected.
- Version 5.0.7.2 is affected.
- Version 4.2.11.1 is affected.
Exploit Probability
EPSS
12.12%
Percentile
93.67%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.