{"id":"CVE-2019-16779","details":"In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.","aliases":["GHSA-q58g-455p-8vw9"],"modified":"2026-05-28T04:05:05.649417749Z","published":"2019-12-16T20:15:15.540Z","related":["SUSE-SU-2020:2053-1","openSUSE-SU-2020:0036-1","openSUSE-SU-2020:0139-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"8.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux","source":"CPE_STRING"},{"extracted_events":[{"last_affected":"15.0-sp1"}],"cpes":["cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"],"vendor_product":"opensuse:backports_sle","source":"CPE_STRING"},{"extracted_events":[{"last_affected":"15.1"}],"cpes":["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"],"vendor_product":"opensuse:leap","source":"CPE_STRING"}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00021.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00062.html"},{"type":"ADVISORY","url":"https://github.com/excon/excon/security/advisories/GHSA-q58g-455p-8vw9"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00015.html"},{"type":"FIX","url":"https://github.com/excon/excon/commit/ccb57d7a422f020dc74f1de4e8fb505ab46d8a29"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/excon/excon","events":[{"introduced":"0"},{"fixed":"1149d44d921660bcde5e21671e6a10346d177f33"},{"fixed":"ccb57d7a422f020dc74f1de4e8fb505ab46d8a29"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"0.71.0"}],"cpe":"cpe:2.3:a:excon_project:excon:*:*:*:*:*:*:*:*","source":["CPE_RANGE","REFERENCES"]}}],"versions":["v0.70.0","v0.69.1","v0.69.0","v0.68.0","v0.67.0","v0.66.0","v0.65.0","v0.64.0","v0.63.0","v0.62.0","v0.61.0","v0.60.0","v0.59.0","v0.58.0","v0.57.1","v0.57.0","v0.56.0","v0.55.0","v0.54.0","v0.53.0","v0.52.0","v0.50.1","v0.50.0","v0.49.0","v0.48.0","v0.47.0","v0.46.0","v0.45.4","v0.45.3","v0.45.2","v0.45.1","v0.45.0","v0.44.4","v0.44.3","v0.44.2","v0.44.1","v0.44.0","v0.43.0","v0.42.1","v0.42.0","v0.41.0","v0.40.0","v0.39.6","v0.39.5","v0.39.4","v0.39.3","v0.39.2","v0.39.1","v0.39.0","v0.38.0","v0.37.0","v0.36.0","v0.35.0","v0.34.0","v0.33.0","v0.32.1","v0.32.0","v0.31.0","v0.30.0","v0.29.0","v0.28.0","v0.27.6","v0.27.5","v0.27.4","v0.27.3","v0.27.2","v0.27.1","v0.27.0","v0.26.0","v0.25.3","v0.25.2","v0.25.1","v0.25.0","v0.24.0","v0.23.0","v0.20.1","v0.22.1","v0.22.0","v0.21.0","v0.20.0","v0.19.5","v0.19.4","v0.19.3","v0.19.2","v0.19.1","v0.19.0","v0.18.5","v0.18.4","v0.18.3","v0.18.2","v0.18.1","v0.18.0","v0.17.0","v0.16.10","v0.16.9","v0.16.8","v0.16.7","v0.16.6","v0.16.5","v0.16.4","v0.16.3","v0.16.2","v0.16.1","v0.16.0","v0.15.5","v0.15.4","v0.15.3","v0.15.2","v0.15.1","v0.15.0","v0.14.3","v0.14.2","v0.14.1","v0.14.0","v0.13.4","v0.13.3","v0.13.2","v0.13.1","v0.13.0","v0.12.0","v0.11.0","v0.10.1","v0.10.0","v0.9.6","v0.9.5","v0.9.4","v0.9.3","v0.9.2","v0.9.1","v0.9.0","v0.8.0","v0.7.12","v0.7.11","v0.7.10","v0.7.9","v0.7.8","v0.7.7","v0.7.6","v0.7.5","v0.7.4","v0.7.3","v0.7.2","v0.7.1","v0.7.0","v0.6.6","v0.6.5","v0.6.4","v0.6.3","v0.6.2","v0.6.1","v0.6.0","v0.5.8","v0.5.7","v0.5.6","v0.5.5","v0.5.4","v0.5.3","v0.5.2","v0.5.1","v0.5.0","v0.4.0","v0.3.8","v0.3.7","v0.3.6","v0.3.5","v0.3.4","v0.3.3","v0.3.2","v0.3.1","v0.3.0","v0.2.8","v0.2.7","v0.2.6","v0.2.5","v0.2.4","v0.2.3","v0.2.2","v0.2.1","v0.2.0","v0.1.4","v0.1.3","v0.1.2","v0.1.1","v0.1.0","v0.0.26","v0.0.25","v0.0.24","v0.0.23","v0.0.22"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16779.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}