ADVISORIES
- CVE-2012-2671 (NVD)
- GHSA-hrp6-w4v2-8737
- OSVDB-83077
GEM
- rack-cache
SEVERITY
CVSS v2.0: 7.5 (High)
PATCHED VERSIONS
- >= 1.2
DESCRIPTION
Rack::Cache (the rack-cache gem) contains a flaw in which it caches sensitive HTTP headers. This weakness may make it easier for an attacker to gain access to a user's session via a specially crafted header.
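
A dependency check built on the patched range above, as an added example that is not part of the advisory or the rack-cache project: it reads the text of a Gemfile.lock and reports whether the resolved rack-cache version is below 1.2. The sample lockfiles and the helper names `resolved_versions` and `audit` are constructed for illustration.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement

GEM_NAME = "rack-cache"
PATCHED  = Gem::Requirement.new(">= 1.2") # patched range from this advisory

# Versions of rack-cache resolved in Gemfile.lock text. Resolved specs sit
# four spaces deep under "specs:"; six-space lines such as
# "rack-cache (~> 1.2)" are dependency constraints and are skipped.
def resolved_versions(lock_text)
  pattern = /\A {4}#{Regexp.escape(GEM_NAME)} \(([^)\s]+)\)\s*\z/
  lock_text.each_line.filter_map do |line|
    m = line.match(pattern)
    next unless m
    version = m[1].split("-").first # drop a platform suffix if present
    Gem::Version.new(version) if Gem::Version.correct?(version)
  end
end

# :not_present, :patched, or :vulnerable for the given lockfile text.
def audit(lock_text)
  versions = resolved_versions(lock_text)
  return :not_present if versions.empty?
  versions.all? { |v| PATCHED.satisfied_by?(v) } ? :patched : :vulnerable
end

# Constructed sample lockfiles (not taken from any real project).
VULNERABLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      actionpack (3.2.3)
        rack-cache (~> 1.2)
      rack-cache (1.1)
        rack (>= 0.4)
LOCK

PATCHED_LOCK = VULNERABLE_LOCK.sub("rack-cache (1.1)", "rack-cache (1.2)")

# Stand-alone use: ruby check.rb path/to/Gemfile.lock
puts audit(File.read(ARGV[0])) if __FILE__ == $PROGRAM_NAME && ARGV[0]
```

The constraint line under `actionpack` names an acceptable range, not what is installed, so only the resolved spec line decides the result.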