omniauth-facebook 1.1.0
1 security vulnerability
found in version
1.1.0
omniauth-facebook Gem for Ruby Insecure Access Token Handling Authentication Bypass
high severity CVE-2013-4593
high severity
CVE-2013-4593
Patched versions:
>= 1.5.1
omniauth-facebook Gem for Ruby contains a flaw that is due to the application supporting passing the access token via the URL. This may allow a remote attacker to bypass authentication and authenticate as another user.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
Gem version without a license.
Unless a license that specifies otherwise is included, nobody can use, copy, distribute, or modify this library without being at risk of take-downs, shake-downs, or litigation.
This gem version is available.
This gem version has not been yanked and is still available for usage.