from Hacker News

Multiple vulnerabilities found in Rack

by michaelfairley on 2/8/13, 4:10 AM with 7 comments

  • by joevandyk on 2/8/13, 4:59 AM

    If my site is SSL only, is it still vulnerable to the cookie timing attack?

    Are there details about the file-traversal one?

  • by jtchang on 2/8/13, 5:14 AM

    How many people use rack? Is it almost always used when deploying rails apps?