Vulnerabilities > Tinfoilsecurity > Devise TWO Factor > 2.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2021-43177 | Unspecified vulnerability in Tinfoilsecurity Devise-Two-Factor As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password (OTP) for one (and only one) immediately trailing interval. | 5.3 |