pkg:gem/spree_auth_devise
Type
gem
Name
spree_auth_devise
Known advisories, vulnerabilities and fixes for spree_auth_devise package.
- Repository
- https://rubygems.org/gems/spree_auth_devise
Critical
1
Medium
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 1.3.0 |
CVE-2013-2506
|
 RUBYSEC:SPREE_AUTH_DEVISE-2013-2506
|
Spree app/models/spree/user.rb Mass Role Assignment Remote Privilege Escalation | medium |
2013-02-21T00:00:00
(11 years ago) |
|
| Fixed | = 1.1.6 = 1.2.0 >= 1.3.0 |
CVE-2013-2506
|
RUBYSEC:SPREE_AUTH_DEVISE-2013-2506
|
Spree app/models/spree/user.rb Mass Role Assignment Remote Privilege Escalation | medium |
2013-02-21T00:00:00
(11 years ago) |
|
| Affected | < 4.4.1 |
CVE-2021-41275
|
RUBYSEC:SPREE_AUTH_DEVISE-2021-41275
|
Authentication Bypass by CSRF Weakness | critical |
2021-11-18T00:00:00
(2 years ago) |
|
| Fixed | = 4.0.1 = 4.1.1 = 4.2.1 >= 4.4.1 |
CVE-2021-41275
|
RUBYSEC:SPREE_AUTH_DEVISE-2021-41275
|
Authentication Bypass by CSRF Weakness | critical |
2021-11-18T00:00:00
(2 years ago) |