Every CVE whose affected-product data names Plataformatec Devise, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-5421 — CVSS 9.8 (critical): Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable`…
CVE-2013-0233 — CVSS 6.8 (medium): Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does…
CVE-2019-16109 — CVSS 5.3 (medium): An issue was discovered in Plataformatec Devise before 4.7.1. It confirms accounts upon receiving a request with a blank…