[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2015-0227":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":52,"epss":9,"epss_history":53,"metrics":54,"affected":55},"MGASA-2015-0227","Updated ruby-rest-client packages fix security vulnerabilities\n\nUpdated ruby-rest-client packages fix security vulnerability:\n\nWhen Ruby rest-client processes an HTTP redirection response, it blindly\npasses along the values from any Set-Cookie headers to the redirection target,\nregardless of domain, path, or expiration.  This can be used in a session\nfixation attack or in stealing cookies (CVE-2015-1820).\n\nREST Client for Ruby contains a flaw that is due to the application logging\npassword information in plaintext. This may allow a local attacker to gain\naccess to password information (CVE-2015-3448).\n\nThe ruby-rest-client package has been updated to version 1.8.0, fixing these\nissues and several other bugs.  Refer to the upstream changelog for more\ndetails.\n",null,[],[],[],[14,16],{"_key":15},"CVE-2015-1820",{"_key":17},"CVE-2015-3448",[],[],[21,22],{"_key":15},{"_key":17},"2015-05-15T18:23:49Z","2026-04-16T06:23:38.299998308Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,44,48],{"url":29,"sources":30,"tags":32},"https://advisories.mageia.org/MGASA-2015-0227.html",[31],"osv_mageia",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugs.mageia.org/show_bug.cgi?id=15560",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://github.com/rest-client/rest-client/blob/master/history.md",[31],[38,43],"WEB",{"url":45,"sources":46,"tags":47},"https://bugzilla.redhat.com/show_bug.cgi?id=1205291",[31],[38],{"url":49,"sources":50,"tags":51},"http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html",[31],[38,43],[],[],[],[56,68,74],{"ecosystem":57,"name":58,"vendor":59,"product":58,"cpe_part":9,"purl_type":60,"purl_namespace":59,"purl_name":58,"source":9,"versions":61},"Mageia","ruby-http-cookie","mageia","rpm",[62],{"version":63,"is_range":64,"range_type":65,"version_start":9,"version_start_type":9,"version_end":66,"version_end_type":67,"fixed_in":9},"lt1_0_2_1_mga4",true,"ecosystem","1.0.2-1.mga4","excluding",{"ecosystem":57,"name":69,"vendor":59,"product":69,"cpe_part":9,"purl_type":60,"purl_namespace":59,"purl_name":69,"source":9,"versions":70},"ruby-netrc",[71],{"version":72,"is_range":64,"range_type":65,"version_start":9,"version_start_type":9,"version_end":73,"version_end_type":67,"fixed_in":9},"lt0_10_3_1_mga4","0.10.3-1.mga4",{"ecosystem":57,"name":75,"vendor":59,"product":75,"cpe_part":9,"purl_type":60,"purl_namespace":59,"purl_name":75,"source":9,"versions":76},"ruby-rest-client",[77],{"version":78,"is_range":64,"range_type":65,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":67,"fixed_in":9},"lt1_8_0_2_mga4","1.8.0-2.mga4"]