Rack::Cache Rubygem Vulnerability: Cache Poisoning and Sensitive Header Exposure

Rack::Cache Rubygem Vulnerability: Cache Poisoning and Sensitive Header Exposure

CVE-2012-2671 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.

Learn more about our Web App Pen Testing.