CVE search results

1 result

Detailed view

Sort by:

CVE-2018-1000119

Medium priority

Some fixes available 2 of 3

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via...

1 affected package

ruby-rack-protection

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ruby-rack-protection	—	—	—	Fixed

Search CVE reports