VYPR
High severityNVD Advisory· Published Jun 19, 2020· Updated Aug 4, 2024

CVE-2020-8184

CVE-2020-8184

Description

A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
rackRubyGems
< 2.1.42.1.4
rackRubyGems
>= 2.2.0, < 2.2.32.2.3

Affected products

122

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.