Sha256: 7a2e5a2ddb970607a8c1fe3380a8bb4892db5276198103288e29ef7cdaf35d34
Contents?: true
Size: 502 Bytes
Versions: 1
Compression:
Stored size: 502 Bytes
Contents
--- gem: devise cve: 2019-16109 url: https://github.com/plataformatec/devise/issues/5071 title: Devise Gem for Ruby confirmation token validation with a blank string date: 2019-09-08 description: | Devise before 4.7.1 confirms accounts upon receiving a request with a blank confirmation_token, if a database record has a blank value in the confirmation_token column. However, there is no scenario within Devise itself in which such database records would exist. patched_versions: - ">= 4.7.1"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/devise/CVE-2019-16109.yml |