Sha256: 8858883343113a4cda6f5d72bf0a1ecb554698fa06643a3a5a09a6824a638ccd

Contents?: true

Size: 481 Bytes

Versions: 6

Compression:

Stored size: 481 Bytes

Contents

---
gem: spree
cve: 2008-7311
osvdb: 81506
url: https://spreecommerce.com/blog/security-vulernability-session-cookie-store
title: |
  Spree Hardcoded config.action_controller_session Hash Value Cryptographic
  Protection Weakness
date: 2008-08-12
description: |
  Spree contains a hardcoded flaw related to the
  config.action_controller_session hash value. This may allow an attacker to
  more easily bypass cryptographic protection.
cvss_v2: 5.0
patched_versions:
  - ">= 0.3.0"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/spree/OSVDB-81506.yml