Package impact
RubyGems / devise
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0233 | medium | — | 7.8 | 14y ago | Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing databas… | |||
| CVE-2026-40295 | medium | 6.1 | 6.1 | 23d ago | Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler |