CVE-2021-41819
Reliance on Cookies without Validation and Integrity Checking in a Security Decision in gem/cgi
Identifiers
CVE-2021-41819
Package Slug
gem/cgi
Vulnerability
Reliance on Cookies without Validation and Integrity Checking in a Security Decision
Description
CGI::Cookie.parse in Ruby mishandles security prefixes in cookie names. This also affects the CGI gem for Ruby.
Affected Versions
All versions starting from 0.1.0 up to 0.3.0
Solution
Upgrade to version 0.3.1 or above.
Last Modified
2022-01-13
| source |