CISA Known Exploited Vulnerability
CVE-2019-5418
Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server
CISA catalog entry
Product
Ruby on Rails
Vendor
Rails
Added to KEV
2025-07-07
Remediation due
2025-07-28
CVE-2019-5418 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.
Related vulnerabilities