The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.
Max CVSS
7.5
EPSS Score
0.75%
Published
2012-06-17
Updated
2013-08-28
1 vulnerabilities found