Search for packages
| purl | pkg:rpm/redhat/ruby193-rubygem-rack@1:1.3.0-4?arch=el6op |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-y12d-fjpf-uubh
Aliases: CVE-2013-0263 GHSA-xc85-32mf-xpv8 OSV-89939 |
Timing attack against Rack::Session::Cookie Affected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:52:31.519025+00:00 | RedHat Importer | Affected by | VCID-y12d-fjpf-uubh | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json | 38.0.0 |