pkg:RubyGems/devise-two-factor

3 total CVEsMEDIUM3

✅ Check your installed version

All known vulnerabilities

  • MEDIUM5.3CVE-2024-8796Devise-Two-Factor Authentication Uses Insufficient Default OTP Shared Secret Length
    >= 4.0.0, < 6.0.0
  • MEDIUM5.3CVE-2021-43177Improper one time password handling in devise-two-factor
    from 0, < 4.0.2
  • MEDIUM5.3CVE-2015-7225Tinfoil Devise-two-factor does not "burn" a successfully validated one-time password (OTP)
    from 0, < 2.0.0