CVE-2014-4993 (backup_checksum): backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Process List Local Plaintext Password Disclosure

backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Process List Local Plaintext Password Disclosure

Published: June 30, 2014

SECURITY IDENTIFIERS

CVE: CVE-2014-4993 (NVD)
GHSA: GHSA-wr5j-q359-6vr2
OSVDB: OSVDB-108569

GEM

backup_checksum

SEVERITY

CVSS v3.x: 7.8 (High)

PATCHED VERSIONS

None available.

DESCRIPTION

backup_checksum Gem for Ruby contains a flaw in /lib/backup/cli/utility.rb that is triggered as the program displays password information in plaintext in the process list. This may allow a local attacker to gain access to password information.

RubySec