CVE-2014-4997 (point-cli): point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

June 30th, 2014

ADVISORIES

CVE-2014-4997 (NVD)
GHSA-mc8m-x6hf-cw2g
OSVDB-108577

GEM

point-cli

SEVERITY

CVSS v3.x: 7.8 (High)

PATCHED VERSIONS

None.

DESCRIPTION

point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information.

RubySec

CVE-2014-4997 (point-cli): point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

ADVISORIES

GEM

SEVERITY

PATCHED VERSIONS

DESCRIPTION

Recent Advisories