The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-06-16 20:41
Updated : 2013-08-27 23:47
NVD link : CVE-2012-2671
Mitre link : CVE-2012-2671
JSON object : View
CWE
Products Affected
rtomayko
- rack-cach