Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization

Critical severity GitHub Reviewed Published Apr 7, 2026 in rack/rack-session • Updated May 13, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts