Sha256: d998e73ad37aa8ab8f975b8a7bd066bd3e33a26b5295ae0279d5d71040fd155d

Contents?: true

Size: 535 Bytes

Versions: 5

Compression:

Stored size: 535 Bytes

Contents

---
gem: xaviershay-dm-rails
cve: 2015-2179
osvdb: 118579
url: http://osvdb.org/show/osvdb/118579
title: |
  xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table
date: 2015-02-17
description: |
  xaviershay-dm-rails Gem for Ruby contains a flaw in the execute() function
  in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is
  due to the function exposing sensitive information via the process table.
  This may allow a local attack to gain access to MySQL credential information.

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml