rest-client 1.8.0.rc1
1 security vulnerability
found in version
1.8.0.rc1
CVE-2015-1820 rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses
critical severity CVE-2015-1820
critical severity
CVE-2015-1820
Patched versions:
>= 1.8.0
Unaffected versions:
<= 1.6.0
REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.