CVE-2015-1820: Session fixation vulnerability via Set-Cookie headers

August 9, 2017 (updated August 21, 2017)

The package rest-client in abstract_response.rb improperly handles Set-Cookie headers on HTTP redirection responses. Any cookies will be forwarded to the redirection target regardless of domain, path, or expiration. If you control a redirection source, you can cause rest-client to perform a request to any third-party domain with cookies of your choosing, which may be useful in performing a session fixation attack. If you control a redirection target, you can steal any cookies set by the third-party redirection request.

References

github.com/rest-client/rest-client/issues/369

Code Behaviors & Features

Detect and mitigate CVE-2015-1820 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →