6 matches found
CVE-2019-17513
CVE-2019-17513 affects Ratpack before 1.7.5. The root cause is misuse of Netty’s DefaultHttpHeaders with validation disabled, allowing untrusted input used in HTTP headers to cause HTTP Response Splitting (CRLF injection). Upgrading Ratpack to 1.7.5 (or later) patches the issue by restoring heade...
CVE-2021-29485
Ratpack vulnerability CVE-2021-29485 affects versions before 1.9.0 when using Ratpack's session storage. An attacker can achieve remote code execution by crafting a Java deserialization gadget chain in the session data, provided the application writes to the session store. If an application does ...
CVE-2021-29481
CVE-2021-29481 affects Ratpack versions before 1.9.0, where the default client-side session configuration stores data in cookies in an unencrypted but signed form. This can allow an attacker with cookie access to read sensitive information if such data is stored in the session and the cookie is l...
CVE-2021-29479
Summary: Ratpack before 1.9.0 is vulnerable to cache poisoning via the X-Forwarded-Host header. If the cache key does not include X-Forwarded-Host and a custom PublicAddress is not configured, Ratpack’s default inferring PublicAddress can be exploited to redirect cached responses to an attacker s...
CVE-2019-11808
CVE-2019-11808 affects Ratpack versions before 1.6.1, where session IDs are generated using a cryptographically weak PRNG in the JDK’s ThreadLocalRandom. The consequence is that if an attacker can narrow the server-start window and observe a session ID, they could theoretically determine the sequ...
CVE-2021-29480
CVE-2021-29480 affects Ratpack prior to 1.9.0, where the client-side session module uses the application startup time as the signing key by default. If an attacker can determine this time and encryption is not enabled, session data could be tampered with via cookie manipulation. As of Ratpack 1.9...