Security: ratpack/ratpack
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Default client side session signing key is highly predictableGHSA-2cc5-23r7-vc4v published
Jun 29, 2021 by ldaleyModerate -
Client side sessions should not allow unencrypted storageGHSA-phj8-4cq3-794g published
Jun 29, 2021 by ldaleyModerate -
Remote Code Execution Vulnerability in Session StorageGHSA-hc33-32vw-rpp9 published
Jun 29, 2021 by ldaleyCritical -
Cached redirect poisoning via X-Forwarded-Host headerGHSA-w6rq-6h34-vh7q published
Jun 29, 2021 by ldaleyHigh -
Default development error handler is vulnerable to HTML content injection (XSS)GHSA-r2wf-q3x4-hrv9 published
Jan 25, 2020 by johnrengelmanModerate -
CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')GHSA-mvqp-q37c-wf9j published
Oct 17, 2019 by ldaleyModerate
Learn more about advisories related to ratpack/ratpack in the GitHub Advisory Database