Lucene search
+L

CVE-2019-5421

🗓️ 03 Apr 2019 14:21:37Reported by Debian Security Bug TrackerType 
debiancve
 debiancve
🔗 security-tracker.debian.org👁 20 Views

Plataformatec Devise version 4.5.0 & earlier has CWE-367 vulnerability in `Devise::Models::Lockable` class, allowing multiple concurrent requests to prevent attacker from being blocked on brute force attacks

Related
Packages
ReporterTitlePublishedViews
Family
cve
CVE-2019-5421
3 Apr 201914:21
cve
cvelist
CVE-2019-5421
3 Apr 201914:21
cvelist
euvd
EUVD-2019-0372
7 Oct 202500:30
euvd
github
devise Time-of-check Time-of-use Race Condition vulnerability
19 Mar 201918:03
github
nvd
CVE-2019-5421
3 Apr 201915:29
nvd
osv
DEBIAN-CVE-2019-5421
3 Apr 201915:29
osv
osv
GHSA-73RF-6MRF-759Q devise Time-of-check Time-of-use Race Condition vulnerability
19 Mar 201918:03
osv
osv
UBUNTU-CVE-2019-5421
3 Apr 201915:29
osv
prion
Design/Logic Flaw
3 Apr 201915:29
prion
rubygems
Devise Gem for Ruby Time-of-check Time-of-use race condition with lockable module
7 Feb 201900:00
rubygems
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Debian11anyruby-devise4.5.0-3ruby-devise_4.5.0-3_any.deb
Debian12anyruby-devise4.5.0-3ruby-devise_4.5.0-3_any.deb

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Apr 2019 14:21Current
9.5High risk
Vulners AI Score9.5
CVSS 27.5
CVSS 3.19.8
EPSS0.01556
20