4 matches found
CVE-2015-8314
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access...
SUSE CVE-2015-8314
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access...
CVE-2015-8314
CVE-2015-8314 affects the Devise gem for Ruby prior to 3.5.4, where the Remember Me cookie handling is flawed. This flaw may allow an attacker to obtain unauthorized persistent access to an application by leveraging the compromised cookie. The issue is reported across multiple sources (Red Hat, D...
CVE-2015-8314
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access...