CVE 2021-41819
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://www.ruby-lang....
- MISC: https://hackerone.com/...
- CONFIRM: https://security.netap...
- FEDORA: FEDORA-2022-82a9edac27
- FEDORA: FEDORA-2022-8cf0124add
- GENTOO: GLSA-202401-27
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)