| Release | Version |
|---|---|
| stretch | 3.0.0-2 |
| bullseye | 3.1.0-2 |
| bookworm | 4.0.2-1 |
| sid | 4.0.2-1 |
| Bug | stretch | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2024-8796 | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & ... |
| CVE-2021-43177 | vulnerable | vulnerable (no DSA) | fixed | fixed | As a result of an incomplete fix for CVE-2015-7225, in versions of dev ... |
| Bug | Description |
|---|---|
| CVE-2015-7225 | Tinfoil Devise-two-factor before 2.0.0 does not strictly follow sectio ... |