Page MenuHomeDevCentral
Create Task
Maniphest T1444

CSRF timing attach in Sinatra rack-protection (CVE-2018-1000119)
Closed, ResolvedPublic
Actions

Description

SaM-Solutions / ruby-rack-protection rack-protection

References:

Impact is low/unsure as Tommy doesn't contain form to post, so doesn't use CSRF.

Revisions and Commits

rTOMMY Tommy
D1778rTOMMY9ca3ab76bdbc Update rack-protection

Event Timeline

dereckson triaged this task as Low priority.Sep 20 2018, 21:40
dereckson created this task.
dereckson added a revision: D1778: Update rack-protection.Sep 20 2018, 21:44
dereckson closed this task as Resolved by committing rTOMMY9ca3ab76bdbc: Update rack-protection.Sep 21 2018, 09:56
dereckson added a commit: rTOMMY9ca3ab76bdbc: Update rack-protection.
dereckson shifted this object from the Restricted Space space to the S1 Nasqueron space.Sep 21 2018, 09:56
dereckson changed the visibility from "Nasqueron security operations squad (Project)" to "Public (No Login Required)".
dereckson changed the edit policy from "Nasqueron security operations squad (Project)" to "All Users".
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator