How severe is CVE-2019-16779?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2019-16779?

This is classified as CWE-664, which is a common weakness in software security.

CVE-2019-16779 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.

Related Vulnerabilities

CVE-2020-1620

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

CWE-6642020

CVE-2020-1621

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

CWE-6642020

CVE-2020-1622

MEDIUM

CVSS:5.5(Medium)

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1...

CWE-6642020

CVE-2020-36774

MEDIUM

CVSS:5.5(Medium)

plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).

CWE-6642020

CVE-2022-22249

MEDIUM

CVSS:6.5(Medium)

An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to caus...

CWE-6642022

CVE-2022-22250

MEDIUM

CVSS:6.5(Medium)

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cau...

CWE-6642022