Description
Devise is a flexible authentication solution for Rails based on Warden. Devise is vulnerable to a password reset exploit leveraging type confusion. Using a specially crafted request, an attacker could trick the database type conversion code to return incorrect records. For some token values this could allow an attacker to bypass the proper checks and gain control of other accounts.
Remediation
Upgrade to the latest version of Devise (this issue was fixed in v2.2.3, v2.1.3, v2.0.5 and v1.5.4).
References
Related Vulnerabilities
WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.6.0)
WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8)
WordPress Plugin Frontier Post Security Bypass (1.3.2)
WordPress Plugin Import Export WordPress Users Security Bypass (1.3.8)
WordPress Plugin The Official Facebook Chat Security Bypass (1.5)