Lucene search
+L

6 matches found

Chainguard
Chainguard
added 2025/05/12 7:17 p.m.52 views

CVE-2025-46336 vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby3.3-rails, logstash, ruby3.4-rails...

4.2CVSS4.9AI score0.00282EPSS
Exploits0
NVD
NVD
added 2025/05/08 8:15 p.m.23 views

CVE-2025-46336

Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie already a major issue, the session may be restored if the attacker can trigger a lo...

4.2CVSS0.00282EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/08 7:26 p.m.10 views

CVE-2025-46336 Rack session gets restored after deletion

Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie already a major issue, the session may be restored if the attacker can trigger a lo...

4.2CVSS6.8AI score0.00282EPSS
Exploits0References3
CVE
CVE
added 2025/05/08 7:26 p.m.213 views

CVE-2025-46336

CVE-2025-46336 affects Rack::Session within the Rack::Session::Pool middleware. In versions 2.0.0 up to but not including 2.1.1, if an attacker has a valid session cookie and can trigger a long-running request adjacent to a user logout, the session may be restored, allowing illicit access after l...

4.2CVSS6.8AI score0.00282EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/08 7:26 p.m.18 views

CVE-2025-46336 Rack session gets restored after deletion

Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie already a major issue, the session may be restored if the attacker can trigger a lo...

4.2CVSS0.00282EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/05/08 12:0 a.m.5 views

CVE-2025-46336

Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie already a major issue, the session may be restored if the attacker can trigger a lo...

4.2CVSS6.5AI score0.00282EPSS
Exploits0References3
Rows per page
Query Builder