GHSA-44VF-8FFM-V2QH Sensitive Data Exposure in rails-session-decoder

All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation No fix is currently available. Consider using an alternative module until a fix...

Sensitive Data Exposure in rails-session-decoder

All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation No fix is currently available. Consider using an alternative module until a fix...

Information Disclosure

rails-session-decoder is vulnerable to information disclosure. A lack of verification of the Message Authentication Code that is appended to the cookies could allow an attacker to decrypt encrypted data containing confidential information...

Sensitive Data Exposure

Overview All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation No fix is currently available. Consider using an alternative module...