cve/CVE-2019-16201.md at 594c8e952101730b1f9f9e6ac2afce8de85a4446

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.

POC

Reference

https://www.oracle.com/security-alerts/cpujan2020.html

Github

https://github.com/MarioBarbarino/planet.rb
https://github.com/feedreader/planet.rb

811 B Raw Blame History

CVE-2019-16201

Description

POC

Reference

Github

811 B

Raw Blame History