10 matches found
EUVD-2018-0360
Malware in sbrugna...
SUSE CVE-2015-1820
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
Mageia: Security Advisory (MGASA-2015-0227)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
rubygem-rest-client: unsanitized application logging
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
MGASA-2015-0227 Updated ruby-rest-client packages fix security vulnerabilities
Updated ruby-rest-client packages fix security vulnerability: When Ruby rest-client processes an HTTP redirection response, it blindly passes along the values from any Set-Cookie headers to the redirection target, regardless of domain, path, or expiration. This can be used in a session fixation...
CVE-2015-3448
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
DEBIAN-CVE-2015-3448
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
Cross site request forgery (csrf)
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
CVE-2015-3448
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...