logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

2

Debian, RubyGems

Total vulnerabilities tracked

21

From global vulnerability databases

Exclude malware
Package devise

FLAT-6Y7MH (CVE-2026-40295)

Uncontrolled external site redirect In ruby-devise

0.6

Low

Ecosystem: Debian

Package: ruby-devise

FLAT-PEVDU (MAL-2026-3632)

Use of software with malware In knot-devise-jwt-helper

5.2

Medium

Ecosystem: RubyGems

Package: knot-devise-jwt-helper

FLAT-KCXQY (CVE-2026-32700)

Race condition In ruby-devise

2.3

Low

Ecosystem: Debian

Package: ruby-devise

FLAT-XK6BJ (CVE-2024-8796)

Insecure generation of random numbers In devise-two-factor

2.3

Low

Ecosystem: RubyGems

Package: devise-two-factor

FLAT-H4VLD (CVE-2024-0227)

Lack of protection against brute force attacks In devise-two-factor

0.0

None

Ecosystem: RubyGems

Package: devise-two-factor

FLAT-MKS9V (CVE-2015-8314)

Security controls bypass or absence In ruby-devise

6.6

Medium

Ecosystem: Debian

Package: ruby-devise

FLAT-DAAZU (CVE-2019-16751)

Reflected cross-site scripting (XSS) In devise_token_auth

1.3

Low

Ecosystem: RubyGems

Package: devise_token_auth

FLAT-68XPL (CVE-2013-2506)

Authentication mechanism absence or evasion In spree_auth_devise

2.7

Low

Ecosystem: RubyGems

Package: spree_auth_devise

FLAT-ZHM13 (CVE-2021-43177)

Improper authorization control for web services In ruby-devise-two-factor

2.3

Low

Ecosystem: Debian

Package: ruby-devise-two-factor

FLAT-45F4C (CVE-2021-28680)

Excessive privileges In devise_masquerade

7.2

High

Ecosystem: RubyGems

Package: devise_masquerade

FLAT-UTCLQ (GHSA-gpqc-4pp7-5954)

Cross-site request forgery In spree_auth_devise

0.0

None

Ecosystem: RubyGems

Package: spree_auth_devise

FLAT-E0DPG (GHSA-8xfw-5q82-3652)

Cross-site request forgery In spree_auth_devise

0.0

None

Ecosystem: RubyGems

Package: spree_auth_devise

FLAT-NENDJ (GHSA-6mqr-q86q-6gwr)

Cross-site request forgery In spree_auth_devise

0.0

None

Ecosystem: RubyGems

Package: spree_auth_devise

FLAT-FHGF0 (CVE-2021-41275)

Cross-site request forgery In spree_auth_devise

6.2

Medium

Ecosystem: RubyGems

Package: spree_auth_devise

FLAT-ZYKMK (CVE-2021-41274)

Cross-site request forgery In solidus_auth_devise

6.2

Medium

Ecosystem: RubyGems

Package: solidus_auth_devise

FLAT-AUSVH (GHSA-wj5j-xpcj-45gc)

Cross-site request forgery In devise_invitable

0.0

None

Ecosystem: RubyGems

Package: devise_invitable

FLAT-O65AZ (CVE-2019-16109)

Improper authorization control for web services In devise

2.7

Low

Ecosystem: RubyGems

Package: devise

FLAT-FOE8T (CVE-2019-5421)

Race condition In ruby-devise

0.5

Low

Ecosystem: Debian

Package: ruby-devise

FLAT-GC2GT (CVE-2015-7225)

Authentication mechanism absence or evasion In devise-two-factor

2.3

Low

Ecosystem: RubyGems

Package: devise-two-factor

FLAT-9OYIJ (CVE-2013-0233)

Lack of data validation - Type confusion In devise

1.2

Low

Ecosystem: RubyGems

Package: devise

FLAT-0I8PZ (OSVDB-114435)

Insecure session management In devise

0.6

Low

Ecosystem: RubyGems

Package: devise