WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-26T00:00:00
Updated: 2023-04-30T00:00:00
Reserved: 2019-09-10T00:00:00
Link: CVE-2019-16201
JSON object: View
NVD Information
Status : Modified
Published: 2019-11-26T18:15:15.100
Modified: 2023-04-30T23:15:44.517
Link: CVE-2019-16201
JSON object: View
Redhat Information
No data.
CWE