Vuln ID: CVE-2019-11808
Published: 2019-05-07 07:29:05Z
Description: Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK’s ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.
Source: NVD.NIST.GOV