CVE-2019-5418
Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
Vulnerability Description
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
Affected Platforms (CPE)
π¦
Rubyonrails
Rails
>= 3.0.0 and < 4.2.11.1π¦
Rubyonrails
Rails
>= 5.0.0 and < 5.0.7.2π¦
Rubyonrails
Rails
>= 5.1.0 and < 5.1.6.2π¦
Rubyonrails
Rails
>= 5.2.0 and < 5.2.2.1π»
Debian
Debian Linux
= 8.0π¦
Redhat
Cloudforms
= 4.7π»
Opensuse
Leap
= 15.0π»
Fedoraproject
Fedora
= 30π¦
Redhat
Cloudforms
= 4.6π¦
Redhat