{"api_version":"1","generated_at":"2026-04-22T23:08:43+00:00","cve":"CVE-2019-16782","urls":{"html":"https://cve.report/CVE-2019-16782","api":"https://cve.report/api/cve/CVE-2019-16782.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-16782","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-16782"},"summary":{"title":"CVE-2019-16782","description":"There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.","state":"PUBLIC","assigner":"security-advisories@github.com","published_at":"2019-12-18 20:15:00","updated_at":"2023-11-07 03:05:00"},"problem_types":["CWE-203"],"metrics":[],"references":[{"url":"http://www.openwall.com/lists/oss-security/2020/04/09/2","name":"[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","refsource":"MLIST","tags":[],"title":"oss-security - Re: [CVE-2019-16782] Possible Information Leak /\n Session Hijack Vulnerability in Rack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2019/12/18/2","name":"[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - [CVE-2019-16782] Possible Information Leak / Session Hijack\n Vulnerability in Rack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2020/04/08/1","name":"[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","refsource":"MLIST","tags":[],"title":"oss-security - Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html","name":"openSUSE-SU-2020:0214","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2020:0214-1: moderate: Security update f","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2019/12/18/3","name":"[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: [CVE-2019-16782] Possible Information Leak /\n Session Hijack Vulnerability in Rack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38","name":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"Merge branch 'advisory-fix-1' · rack/rack@7fecaee · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/","name":"FEDORA-2020-57fc0d0156","refsource":"","tags":[],"title":"[SECURITY] Fedora 31 Update: rubygem-rack-2.0.8-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2019/12/19/3","name":"[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: [CVE-2019-16782] Possible Information Leak /\n Session Hijack Vulnerability in Rack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/","name":"FEDORA-2020-57fc0d0156","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 31 Update: rubygem-rack-2.0.8-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3","name":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3","refsource":"CONFIRM","tags":["Third Party Advisory"],"title":"Possible Information Leak / Session Hijack Vulnerability · Advisory · rack/rack · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-16782","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16782","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"31","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"15.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rack_project","cpe5":"rack","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"ruby","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rack_project","cpe5":"rack","cpe6":"1.6.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"ruby","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rack_project","cpe5":"rack","cpe6":"2.0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"ruby","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rack_project","cpe5":"rack","cpe6":"1.6.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"ruby","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"16782","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rack_project","cpe5":"rack","cpe6":"2.0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"ruby","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-16782","qid":"238742","title":"Red Hat Update for Satellite 6.8 release (RHSA-2020:4366)"},{"cve":"CVE-2019-16782","qid":"239228","title":"Red Hat Update for Satellite 6.9 (RHSA-2021:1313)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security-advisories@github.com","ID":"CVE-2019-16782","STATE":"PUBLIC","TITLE":"Possible Information Leak / Session Hijack Vulnerability in Rack"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"rack","version":{"version_data":[{"version_value":"before 1.6.12 or 2.0.8"}]}}]},"vendor_name":"rack"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison."}]},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-208 Information Exposure Through Timing Discrepancy"}]}]},"references":{"reference_data":[{"name":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3","refsource":"CONFIRM","url":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"},{"name":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38","refsource":"CONFIRM","url":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"},{"refsource":"MLIST","name":"[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","url":"http://www.openwall.com/lists/oss-security/2019/12/18/3"},{"refsource":"MLIST","name":"[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","url":"http://www.openwall.com/lists/oss-security/2019/12/18/2"},{"refsource":"MLIST","name":"[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","url":"http://www.openwall.com/lists/oss-security/2019/12/19/3"},{"refsource":"FEDORA","name":"FEDORA-2020-57fc0d0156","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX/"},{"refsource":"SUSE","name":"openSUSE-SU-2020:0214","url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"},{"refsource":"MLIST","name":"[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","url":"http://www.openwall.com/lists/oss-security/2020/04/08/1"},{"refsource":"MLIST","name":"[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack","url":"http://www.openwall.com/lists/oss-security/2020/04/09/2"}]},"source":{"advisory":"GHSA-hrqr-hxpp-chr3","discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2019-12-18 20:15:00","lastModifiedDate":"2023-11-07 03:05:00","problem_types":["CWE-203"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.2,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*","versionEndExcluding":"1.6.12","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"16782","Ordinal":"156504","Title":"CVE-2019-16782","CVE":"CVE-2019-16782","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"16782","Ordinal":"1","NoteData":"There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"16782","Ordinal":"2","NoteData":"2019-12-18","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"16782","Ordinal":"3","NoteData":"2020-04-09","Type":"Other","Title":"Modified"}]}}}