CVE-2019-16201 - log back

CVE-2019-16201 edited at 02 Oct 2019 12:14:40
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ It has been discovered that Ruby before 2.4.8, 2.5.7 and 2.6.5 is vulnerable to denial of service via regular expressions in WEBrick's Digest access authentication module. An attacker can exploit this vulnerability to cause an effective denial of service against a WEBrick service.
References
+ https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
Notes
CVE-2019-16201 created at 02 Oct 2019 11:37:12