Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems spree_auth_devise Security Advisories

Browse all Security Advisories for rubygems spree_auth_devise

Loading...
Moderate
GSA_kwCzR0hTQS1qcDU3LTlqMzctNTQ3Ns4AAfSa
spree_auth_devise allows remote authenticated users to assign themselves arbitrary roles
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1ncHFjLTRwcDctNTk1NM0XVQ
Authentication Bypass by CSRF Weakness
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS04eGZ3LTVxODItMzY1Ms0XVA
Authentication Bypass by CSRF Weakness
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS02bXFyLXE4NnEtNmd3cs0XUw
Authentication Bypass by CSRF Weakness
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS0yNnh4LW00cTIteGhxOM0XUg
Authentication Bypass by CSRF Weakness
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 3 years ago
Statistics
Advisories: 21,164
Packages: 9,230
Repositories: 2
Ecosystems: 12
Filter by Severity
Moderate 9,051 High 7,436 Critical 3,103 Low 1,196
Filter by Ecosystem
maven 5,962 packagist 4,739 pypi 4,460 npm 3,875 go 2,403 nuget 1,608 cargo 925 rubygems 887 swift 34 hex 32 actions 22 pub 10
Filter by Package
actionpack 61 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 rails-html-sanitizer 14 publify_core 14 activesupport 14 camaleon_cms 14 passenger 13 puma 12 actionview 12 decidim 11 rails 11 fat_free_crm 10 org.webjars:bootstrap 9 bootstrap 9 bootstrap 9 jquery-rails 9 twbs/bootstrap 9 bootstrap 9 org.webjars.npm:jquery 8 jquery 8 bootstrap-sass 8 jQuery 7 rexml 7 jquery-ui-rails 7 bootstrap.sass 7 jQuery.UI.Combined 7 org.jruby:jruby-stdlib 7 org.webjars.npm:jquery-ui 7 jquery-ui 7 katello 6 ember-source 6 doorkeeper 6 loofah 6 grpcio 5 spree_auth_devise 5 grpc 5 spree 5 commonmarker 5 bundler 5 bootstrap-sass 5 sinatra 5 sidekiq 5 webrick 5 sanitize 4 devise 4 carrierwave 4 dragonfly 4 activestorage 4 avo 4 ruby-saml 4 mail 4 fluentd 4 rails_admin 4 rest-client 3 private_address_check 3 devise-two-factor 3 io.grpc:grpc-protobuf 3 json-jwt 3 phlex 3 spina 3 rack-cors 3 openssl 3 decidim-admin 3 activeadmin 3 decidim-core 3 rubyzip 3 cgi 3 gollum 3 git 3 yard 3 actiontext 3 geminabox 3 resque 3 rdoc 3 com.google.protobuf:protobuf-java 3 openc3 3 chartkick 3 google-protobuf 3 com.google.protobuf:protobuf-kotlin 3 openc3 3 omniauth 3 VladTheEnterprising 2 com.google.protobuf:protobuf-kotlin-lite 2 sidekiq-unique-jobs 2 org.webjars.npm:bootstrap 2 sprockets 2 solidus_core 2 twitter-bootstrap-rails 2 solidus_frontend 2 user_agent_parser 2 sup 2 mapbox-rails 2 mapbox.js 2 qiita-markdown 2 yajl-ruby 2 httparty 2 omniauth-saml 2 uri 2 logstash-core 2 administrate 2 safemode 2 maximebf/debugbar 2 bson 2 echor 2 radiant 2 kramdown 2 view_component 2 pwpush 2 field_test 2 i18n 2 redcarpet 2 decidim-meetings 2 @openc3/tool-common 2 secure_headers 2 omniauth-facebook 2 decidim-templates 2 paperclip 2 red-arrow 2 pyarrow 2 kaminari 2 net-ldap 2 cocoapods-downloader 2 com.google.protobuf:protobuf-javalite 2 git-fastclone 2 mini_magick 2 facter 2 actionmailer 2 mechanize 2 faye 2 pghero 2 pdfkit 2 pageflow 2 json 2 ruby-openid 2 ox 2 em-http-request 1 geokit-rails 1 spree_api 1 dependabot-common 1 activejob 1 railties 1 audited 1 iodine 1 sqlite-vec 1 sqlite-vec 1 sqlite-vec 1 sqlite-vec 1 active-support 1 diffy 1 will_paginate 1 twitter-stream 1 datagrid 1 simple_captcha2 1 svg_optimizer 1 http 1 trestle-auth 1 protocol-http1 1 tweetstream 1 jmespath 1 text_helpers 1 request_store 1 omniauth-apple 1 redis-store 1 omniauth_amazon 1 coming-soon 1 bitcoin_vanity 1 capistrano-colors 1 doge-coin 1 awesome-bot 1 blockchain_wallet 1 coin_base 1 cron_parser 1 curl 1 omniauth-oauth2 1 kredis 1 ldap_fluff 1 easymon 1 sfpagent 1 web-console 1 rake 1 clearance 1 fog-dragonfly 1 date 1 awesome_spawn 1 minitar 1 archive-tar-minitar 1 chartkick 1 karteek-docsplit 1 features 1 ruby_parser 1 gtk2 1 better_errors 1 recurly 1 colorscore 1 sqlite3-ruby 1 cap-strap 1
Filter by Repository
https://github.com/solidusio/solidus_auth_devise 4 https://github.com/spree/spree_auth_devise 1