File Content Disclosure vulnerability in Ruby on Rails - CVE-2019-5418ID: oval:org.secpod.oval:def:61428 | Date: (C)2020-02-17 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Ruby on rails 5.2.x before 5.2.2.1, 5.1.x before 5.1.6.2, 5.0.x before 5.0.7.2 or 4.2.x before 4.2.11.1 and is prone to a file content disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to send specially crafted accept headers which can cause contents of arbitrary files on the target system's filesystem to be exposed.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |