CVE-2015-1820 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-1820 Interim 1 11 2025-04-22T23:47:59Z current 2021-05-30T13:28:01Z 2025-04-22T23:47:59Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-1820 REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE Cloud 2.0 SUSE Cloud 4 SUSE Cloud 4 Dependencies SUSE Linux Enterprise High Availability Extension 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Server Teradata 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Manager Client Tools for SLE 12 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 python-requests python3-requests python-requests as a component of HPE Helion OpenStack 8 python-requests as a component of SUSE Cloud 2.0 python-requests as a component of SUSE Cloud 4 python-requests as a component of SUSE Cloud 4 Dependencies python-requests as a component of SUSE Linux Enterprise High Availability Extension 12 SP4 python-requests as a component of SUSE Linux Enterprise Module for Advanced Systems Management 12 python3-requests as a component of SUSE Linux Enterprise Module for Advanced Systems Management 12 python-requests as a component of SUSE Linux Enterprise Server 11 SP3 python-requests as a component of SUSE Linux Enterprise Server 12 SP2-BCL python-requests as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS python-requests as a component of SUSE Linux Enterprise Server 12 SP4-LTSS python-requests as a component of SUSE Linux Enterprise Server Teradata 12 SP3 python-requests as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 python-requests as a component of SUSE Manager Client Tools for SLE 12 python-requests as a component of SUSE OpenStack Cloud 8 python-requests as a component of SUSE OpenStack Cloud 9 python-requests as a component of SUSE OpenStack Cloud Crowbar 8 python-requests as a component of SUSE OpenStack Cloud Crowbar 9 REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect. CVE-2015-1820 SUSE Cloud 2.0:python-requests SUSE Cloud 4 Dependencies:python-requests SUSE Cloud 4:python-requests SUSE Linux Enterprise Server 11 SP3:python-requests low 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H