spree_auth_devise vulnerabilities

Provides authentication and authorization services for use with Spree by using Devise and CanCan.

Direct Vulnerabilities

Known vulnerabilities in the spree_auth_devise package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Cross-site Request Forgery (CSRF)

>=4.3.0, <4.4.1 >=4.2.0, <4.2.1 >=4.1.0, <4.1.1 <4.0.1
  • C
Cross-site Request Forgery (CSRF)

<4.0.1 >=4.1.0, <4.1.1 >=4.2.0, <4.2.1 >=4.3.0, <4.4.1
  • M
Privilege Escalation

<1.1.6