Back to search
CVE-2015-1820
Published: Aug 9, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/rest-client/rest-client/issues/369
x_refsource_CONFIRM
73295
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1205291
x_refsource_CONFIRM
[oss-security] 20150323 CVE-2015-1820: ruby rest-client session fixation vulnerability
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now