REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers
to conduct session fixation attacks or obtain sensitive cookie information by leveraging
passage of cookies set in a response to a redirect.
CPE | Name | Operator | Version |
---|---|---|---|
rest-client | le | 1.6.0 | |
rest-client | lt | 1.8.0 |