This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
{"id": "CVE-2015-8314", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2015-8314", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "published": "2023-01-27T00:35:33", "modified": "2023-01-27T00:35:33", "cvss": {}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "candidate", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2023-01-27T00:35:33", "viewCount": 24, "enchantments": {"dependencies": {"references": [{"type": "osv", "idList": ["OSV:GHSA-746G-3GFP-HFHW"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "vulnersScore": 1.5}, "_state": {"dependencies": 1674779827, "score": 1684017862, "epss": 1679355295}, "_internal": {"score_hash": "67c697668752808021a10faa981d012a"}, "cna_cvss": {}, "cpe": [], "cpe23": [], "cwe": [], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {}, "extraReferences": [], "product_info": [], "exploits": [], "problemTypes": []}
{"osv": [{"lastseen": "2023-04-11T01:41:21", "description": "Devise version before 3.5.4 uses cookies to implement a \"Remember me\" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.\n", "cvss3": {}, "published": "2023-01-26T23:54:07", "type": "osv", "title": "Devise Gem for Ruby Unauthorized Access Using Remember Me Cookie", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-8314"], "modified": "2023-04-11T01:41:18", "id": "OSV:GHSA-746G-3GFP-HFHW", "href": "https://osv.dev/vulnerability/GHSA-746g-3gfp-hfhw", "cvss": {"score": 0.0, "vector": "NONE"}}], "github": [{"lastseen": "2023-01-27T02:06:05", "description": "Devise version before 3.5.4 uses cookies to implement a \"Remember me\" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.\n", "cvss3": {}, "published": "2023-01-26T23:54:07", "type": "github", "title": "Devise Gem for Ruby Unauthorized Access Using Remember Me Cookie", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-8314"], "modified": "2023-01-26T23:54:08", "id": "GHSA-746G-3GFP-HFHW", "href": "https://github.com/advisories/GHSA-746g-3gfp-hfhw", "cvss": {"score": 0.0, "vector": "NONE"}}]}
CVE-2015-8314
