The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| rack-cache(RubyGems) | 0.3.0 | 1.2 | N/A |
CVSS Metrics
