2 matches found
UBUNTU-CVE-2019-5421
Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The Devise::Models::Lockable class, more specifically at the incrementfailedattempts method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests c...
CVE-2019-5421
CVE-2019-5421 affects Plataformatec Devise up to version 4.5.0 (and earlier) where the lockable module, specifically Devise::Models::Lockable,#increment_failed_attempts, contains a CWE-367 race condition. This can allow multiple concurrent requests to bypass blocking of brute-force attempts, with...