Please see our main security policy: https://github.com/rack/rack/security/policy
Security: rack/rack-session
Security
security.md
-
`Rack::Session::Cookie` decrypt failure falls back to accepting unencrypted cookies.GHSA-33qg-7wpp-89cq published
Apr 7, 2026 by ioquatixCritical -
`Rack::Session::Pool` sessions can be restored after deletionGHSA-9j94-67jr-4cqj published
May 8, 2025 by ioquatixModerate
Learn more about advisories related to rack/rack-session in the GitHub Advisory Database