The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
Max CVSS: 9.8 | EPSS Score: 0.36% | Published: 2019-08-19 | Updated: 2019-08-29
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Max CVSS: 2.1 | EPSS Score: 0.04% | Published: 2015-04-29 | Updated: 2016-12-06
REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
Max CVSS: 9.8 | EPSS Score: 0.64% | Published: 2017-08-09 | Updated: 2017-08-21
3 vulnerabilities found