ADVISORIES
- CVE-2013-0233 (NVD)
- GHSA-jxhw-mg8m-2pj8
- OSVDB-89642
GEM
SEVERITY
CVSS v2.0: 6.8 (Medium)
PATCHED VERSIONS
- ~> 1.5.4
- ~> 2.0.5
- ~> 2.1.3
- >= 2.2.3
DESCRIPTION
Devise contains a flaw that is triggered during when a type conversion error occurs during the parsing of a malformed request. With a specially crafted request, a remote attacker can bypass security restrictions.