Lucene search
GoogleOSV:GHSA-3FHF-6939-QG8PHistoryAug 13, 2018 - 8:47 p.m.
rest-client Gem Vulnerable to Session Fixation
2018-08-1320:47:22
Google
osv.dev
14
EPSS
0.006
Percentile
79.3%
REST client for Ruby (aka rest-client) versions 1.6.1.a until 1.8.0 allow remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
References
www.openwall.com/lists/oss-security/2015/03/24/3
bugzilla.redhat.com/show_bug.cgi?id=1205291
github.com/rest-client/rest-client
github.com/rest-client/rest-client/issues/369
nvd.nist.gov/vuln/detail/CVE-2015-1820
rubygems.org/gems/rest-client/versions/1.6.1.a
web.archive.org/web/20200228080106/www.securityfocus.com/bid/73295
Related
debiancve
debiancve
CVE-2015-1820
2017-08-09 18:29:00
rubygems
rubygems
prion
prion
Session fixation
2017-08-09 18:29:00
ubuntucve
ubuntucve
CVE-2015-1820
2017-08-09 00:00:00
nessus
nessus
FreeBSD : rest-client -- session fixation vulnerability (83a7a720-07d8-11e5-9a28-001e67150279)
2015-06-02 00:00:00
Fedora 23 : rubygem-rest-client (2015-8dce7405bf)
2016-07-14 00:00:00
RHEL 7 : Satellite 6.9 Release (Moderate) (RHSA-2021:1313)
2021-04-21 00:00:00
github
github
rest-client Gem Vulnerable to Session Fixation
2018-08-13 20:47:22
ibm
ibm
cvelist
cvelist
CVE-2015-1820
2017-08-09 18:00:00
nvd
nvd
CVE-2015-1820
2017-08-09 18:29:00
freebsd
freebsd
rest-client -- session fixation vulnerability
2015-03-24 00:00:00
cve
cve
CVE-2015-1820
2017-08-09 18:29:00
mageia
mageia
Updated ruby-rest-client packages fix security vulnerabilities
2015-05-15 21:23:49
fedora
fedora
[SECURITY] Fedora 23 Update: rubygem-rest-client-1.8.0-1.fc23
2015-08-27 18:31:37
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0227)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2021:1313) Moderate: Satellite 6.9 Release
2021-04-21 12:43:38