Sha256: 9acfce940790195975d7604a72f3a6c9842946637420b95b4ec2841c53a367d9

Contents?: true

Size: 673 Bytes

Versions: 1

Compression:

Stored size: 673 Bytes

Contents

---
gem: rack
cve: 2013-0263
osvdb: 89939
url: https://nvd.nist.gov/vuln/detail/CVE-2013-0263
title: |
  Rack Rack::Session::Cookie Function Timing Attack Remote Code Execution
date: 2013-02-07

description: |
  Rack contains a flaw that is due to an error in the Rack::Session::Cookie
  function. Users of the Marshal session cookie encoding (the default), are
  subject to a timing attack that may lead an attacker to execute arbitrary
  code. This attack is more practical against 'cloud' users as intra-cloud
  latencies are sufficiently low to make the attack viable.

cvss_v2: 5.1
patched_versions:
  - ~> 1.1.6
  - ~> 1.2.8
  - ~> 1.3.10
  - ~> 1.4.5
  - ">= 1.5.2"

Version data entries

1 entry across 1 version & 1 rubygem

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/rack/CVE-2013-0263.yml