Name | CVE-2020-8184 |
Description | A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more) |
References | DLA-2275-1, DLA-3298-1 |
Debian Bugs | 963477 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.