io.ratpack:ratpack-session (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package io.ratpack:ratpack-session, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2021-29481 — CVSS 6.5 (medium): Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the default configuration of client side sessions results…
CVE-2021-29480 — CVSS 4.4 (medium): Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup…
CVE-2019-11808 — CVSS 3.7 (low): Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if…