Launch Week Day 1: Announcing Security Design Review
Start for Free
rubygems

devise

View on rubygems registry
6 Total advisories
6 Vulnerabilities
0 Malware

Vulnerabilities

MEDIUM 6.1
RubyGems

CVE-2026-40295

Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler
MEDIUM 5.3
RubyGems

CVE-2026-32700

Devise has a confirmable "change email" race condition permits user to confirm email they have no access to
HIGH 7.5
RubyGems

CVE-2015-8314

Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie
UNKNOWN
RubyGems

CVE-2013-0233

Devise does not properly perform type conversion when performing database queries
UNKNOWN
RubyGems

CVE-2019-5421

devise Time-of-check Time-of-use Race Condition vulnerability
MEDIUM 5.3
RubyGems

CVE-2019-16109

Authentication Bypass in Devise

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes