Homepage
About Snyk

io.ratpack:ratpack-core@1.8.1 vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the io.ratpack:ratpack-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Web Cache Poisoning

io.ratpack:ratpack-core is a simple, capable, toolkit for creating high performance web applications.

Affected versions of this package are vulnerable to Web Cache Poisoning. A user supplied X-Forwarded-Host header can be used to perform cache poisoning of a cache fronting a Ratpack server if the cache key does not include the X-Forwarded-Host header as a cache key. Users are only vulnerable if they do not configure a custom PublicAddress instance.

How to fix Web Cache Poisoning?

Upgrade io.ratpack:ratpack-core to version 1.9.0 or higher.

[,1.9.0)
Go back to all versions of this package