The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown
Reporter | Title | Published | Views | Family All 9 |
---|---|---|---|---|
Prion | Code injection | 7 Dec 202121:15 | – | prion |
Cvelist | CVE-2021-28680 | 7 Dec 202120:32 | – | cvelist |
CNVD | Alexandr Korsak Devise Masquerade has an unspecified vulnerability | 8 Dec 202100:00 | – | cnvd |
OSV | Improper Privilege Management in devise_masquerade | 8 Dec 202119:55 | – | osv |
CVE | CVE-2021-28680 | 7 Dec 202121:15 | – | cve |
NVD | CVE-2021-28680 | 7 Dec 202121:15 | – | nvd |
RubySec | Improper Privilege Management in devise_masquerade | 7 Dec 202121:00 | – | rubygems |
Github Security Blog | Improper Privilege Management in devise_masquerade | 8 Dec 202119:55 | – | github |
Veracode | Man-in-the-Middle (MitM) | 8 Dec 202103:32 | – | veracode |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo