1 results (0.003 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2015-8314
https://notcve.org/view.php?id=CVE-2015-8314
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access. Devise gem anterior a 3.5.4 para Ruby maneja mal las cookies Recordarme para las sesiones, lo que puede permitir que un adversario obtenga acceso persistente no autorizado a la aplicación. • https://github.com/advisories/GHSA-746g-3gfp-hfhw https://github.com/heartcombo/devise/commit/c92996646aba2d25b2c3e235fe0c4f1a84b70d24 https://rubysec.com/advisories/CVE-2015-8314 • CWE-312: Cleartext Storage of Sensitive Information •