Vulnerabilities > Heartcombo

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2015-8314 Cleartext Storage of Sensitive Information vulnerability in Heartcombo Devise
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access.
network
low complexity
heartcombo CWE-312
7.5
7.5