A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
The product uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| https://hackerone.com/reports/895727 | exploit third party advisory patch |
| https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak | mailing list third party advisory patch |
| https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html | third party advisory mailing list |
| https://usn.ubuntu.com/4561-1/ | third party advisory vendor advisory |
| https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html | third party advisory mailing list |