CVE-2014-1835 (echor): echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

January 14th, 2014

ADVISORIES

CVE-2014-1835 (NVD)
GHSA-j4gx-p3x5-m987
OSVDB-102130

GEM

echor

SEVERITY

CVSS v3.x: 7.8 (High)

PATCHED VERSIONS

None.

DESCRIPTION

echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information.

RubySec

CVE-2014-1835 (echor): echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

ADVISORIES

GEM

SEVERITY

PATCHED VERSIONS

DESCRIPTION

Recent Advisories