rest-client 1.8.0.rc1

1 security vulnerability found in version 1.8.0.rc1

CVE-2015-1820 rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses

critical severity CVE-2015-1820
critical severity CVE-2015-1820
Patched versions: >= 1.8.0
Unaffected versions: <= 1.6.0

REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.