CVE-2019-16201 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is vulnerable to denial of service via regular expressions in WEBrick's Digest access authentication module. An attacker can exploit this vulnerability to cause an effective denial of service against a WEBrick service.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1040	ruby2.5	2.5.6-1	2.5.7-1	Medium	Fixed	FS#63977
AVG-1039	ruby	2.6.4-1	2.6.5-1	Medium	Fixed	FS#63977

Date	Advisory	Group	Package	Severity	Type
02 Oct 2019	ASA-201910-5	AVG-1040	ruby2.5	Medium	multiple issues
02 Oct 2019	ASA-201910-2	AVG-1039	ruby	Medium	multiple issues

References
https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/