Package impact
RubyGems / spree_auth_devise
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-2506 | medium | — | 4.0 | 14y ago | spree_auth_devise allows remote authenticated users to assign themselves arbitrary roles | |||
| CVE-2021-41275 | unknown | — | — | 5y ago | Spree Auth Devise vulnerability allows for authentication bypass through CSRF weakness |