Vulnerabilities > Plataformatec > Devise > 1.1.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-08 | CVE-2019-16109 | Unspecified vulnerability in Plataformatec Devise An issue was discovered in Plataformatec Devise before 4.7.1. | 5.0 |
| 2019-04-03 | CVE-2019-5421 | Improper Restriction of Excessive Authentication Attempts vulnerability in Plataformatec Devise Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. | 7.5 |