Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:36 p.m.6 views

CVE-2021-43177

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N...

5.3CVSS6.7AI score0.01782EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-43177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and...

5.3CVSS5.5AI score0.00846EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/10/02 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-7050-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS5.3AI score0.00846EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.18 views

Ubuntu 20.04 LTS / 22.04 LTS : Devise-Two-Factor vulnerabilities (USN-7050-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7050-1 advisory. Benoit Ct-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could...

6CVSS5.9AI score0.00846EPSS
Exploits0References3
OSV
OSV
added 2022/04/11 8:15 p.m.18 views

CVE-2021-43177

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N...

5.3CVSS5.2AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/04/11 8:15 p.m.47 views

CVE-2021-43177

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N...

5.3CVSS6.1AI score0.00846EPSS
Exploits0References5
OSV
OSV
added 2022/04/11 8:15 p.m.2 views

UBUNTU-CVE-2021-43177

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password OTP for one and only one immediately trailing interval. CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N...

5.3CVSS6AI score0.00846EPSS
Exploits0References6
CVE
CVE
added 2022/04/11 7:37 p.m.102 views

CVE-2021-43177

CVE-2021-43177 affects Devise-Two-Factor prior to 4.0.2. The vulnerability results from an incomplete fix for CVE-2015-7225, allowing an attacker to reuse a One-Time-Password (OTP) for the immediately trailing interval. The issue is documented across multiple sources (e.g., NVD, GN, Debian, Ubunt...

5.3CVSS5AI score0.00846EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder