CVE-2015-8314 in Devise Geminfo

Summary

The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access.

Once again VulDB remains the best source for vulnerability data.

Reservation

11/22/2015

Disclosure

12/12/2023

Moderation

VulDB entry created

Entries

VDB-219629 (1)

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

6.5

EPSS

0.00173

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-8314
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8314
CVE Details	https://www.cvedetails.com/cve/CVE-2015-8314/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!