85 matches found
Ratpack's default client side session signing key is highly predictable
Impact The client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used which is recommended, but is not on by default, the session data could be tampered with by someone with...
com.github.grooviter:gql-ratpack (=0.5.0), io.ratpack:ratpack-pac4j (>=0.9.3 <=1.10.0-milestone-39) +3 more potentially affected by CVE-2021-29481 via io.ratpack:ratpack-session (>=0.9.10 <=1.9.0-rc-2)
io.ratpack:ratpack-session MAVEN version =0.9.10, =0.9.3, =1.0.0, =1.9.0-rc-1, =1.4.6, =3.0.0 Source cves: CVE-2021-29481 Source advisory: OSV:GHSA-PHJ8-4CQ3-794G...
GHSA-PHJ8-4CQ3-794G Unencrypted storage of client side sessions
Impact The default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with access to the cookies. Note: the documentation does point this out and...
com.bertramlabs.plugins:ratpack-asset-pipeline (>=2.2.7 <=4.3.0), com.bytekast.serverless-local-apigateway:com.bytekast.serverless-local-apigateway.gradle.plugin (>=0.4 <=0.5) +90 more potentially affected by CVE-2021-29485 via io.ratpack:ratpack-core (>=0.9.0 <=1.9.0-rc-2)
io.ratpack:ratpack-core MAVEN version =0.9.0, =2.2.7, =0.4, =0.0.1, =0.0.1, =0.0.2, =1.0.0, =1.2, =1.2, =1.3, =1.1, =1.1, =1.5, =1.1, =1.8 and more Source cves: CVE-2021-29485 Source advisory: OSV:GHSA-HC33-32VW-RPP9...
GHSA-HC33-32VW-RPP9 Remote Code Execution Vulnerability in Session Storage
Impact A malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If your application does not use Ratpack's session mechanism, it is not vulnerable. Details Attackers with the ability to writ...
Remote Code Execution Vulnerability in Session Storage
Impact A malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If your application does not use Ratpack's session mechanism, it is not vulnerable. Details Attackers with the ability to writ...
Unspecified vulnerability in Ratpack (CNVD-2021-52416)
Ratpack is a Java library for building scalable HTTP applications. A security vulnerability exists in Ratpack versions prior to 1.9.0, which can be exploited by an attacker to achieve remote code execution via a maliciously crafted chain of Java deserialization gadgets targeting Ratpack session...
Ratpack has an unspecified vulnerability
Ratpack is a Java library for building scalable HTTP applications. A security vulnerability exists in versions of Ratpack prior to 1.9.0, which can be exploited by attackers to force a cache redirection to their site...
Unspecified vulnerability in Ratpack (CNVD-2021-52414)
Ratpack is a Java library for building scalable HTTP applications. A security vulnerability exists in Ratpack versions prior to 1.9.0, which stems from a default configuration of a client session that results in unencrypted but signed data being set as a cookie value. An attacker could exploit th...
Unspecified vulnerability in Ratpack (CNVD-2021-52413)
Ratpack is a Java library for building scalable HTTP applications. A security vulnerability exists in Ratpack versions prior to 1.9.0, which stems from the client-side session module defaulting to using the application startup time as the signing key, and can be exploited by an attacker to tamper...
CVE-2021-29481
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with...
CVE-2021-29485
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...
CVE-2021-29485
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...
CVE-2021-29480
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used which is recommended, but is n...
CVE-2021-29481
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with...
CVE-2021-29480
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used which is recommended, but is n...
Design/Logic Flaw
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with...
Deserialization of untrusted data
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...
Default configuration
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used which is recommended, but is n...
CVE-2021-29485 Remote Code Execution Vulnerability in Session Storage
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a malicious attacker can achieve Remote Code Execution RCE via a maliciously crafted Java deserialization gadget chain leveraged against the Ratpack session store. If one's application does not use Ratpack's session...