Vulnerability CVE-2019-16254

Vulnerability CVE-2019-16254

Published: 2019-11-26 Modified: 2019-11-29

Description:

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
Ruby-lang -> RUBY
Debian -> Debian linux

https://hackerone.com/reports/331984

https://lists.debian.org/debian-lts-announce/2019/11/msg00025.html

https://lists.debian.org/debian-lts-announce/2019/12/msg00009.html

https://seclists.org/bugtraq/2019/Dec/31

https://seclists.org/bugtraq/2019/Dec/32

https://www.debian.org/security/2019/dsa-4586

https://www.debian.org/security/2019/dsa-4587

https://www.ruby-lang.org/ja/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/

https://www.ruby-lang.org/ja/news/2019/10/01/ruby-2-4-8-released/

https://www.ruby-lang.org/ja/news/2019/10/01/ruby-2-5-7-released/

https://www.ruby-lang.org/ja/news/2019/10/01/ruby-2-6-5-released/