Sha256: 2bb520c3a4e5f5dd2fffbf9c3f2d8afad2bdaaedaa11e7ebc7e191864b865275
Contents?: true
Size: 623 Bytes
Versions: 1
Compression:
Stored size: 623 Bytes
Contents
--- gem: rack cve: 2013-0263 url: http://osvdb.org/show/osvdb/89939 title: | Rack Rack::Session::Cookie Function Timing Attack Remote Code Execution description: | Rack contains a flaw that is due to an error in the Rack::Session::Cookie function. Users of the Marshal session cookie encoding (the default), are subject to a timing attack that may lead an attacker to execute arbitrary code. This attack is more practical against 'cloud' users as intra-cloud latencies are sufficiently low to make the attack viable. cvss_v2: 7.6 patched_versions: - ~> 1.1.6 - ~> 1.2.8 - ~> 1.3.10 - ~> 1.4.5 - ">= 1.5.2"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.1.2 | data/ruby-advisory-db/gems/rack/2013-0263.yml |