ADVISORIES
- CVE-2014-4999 (NVD)
- OSVDB-108529
GEM
PATCHED VERSIONS
None.
DESCRIPTION
kajam Gem for Ruby contains a flaw in /dataset/lib/dataset/database/postgresql.rb that is triggered as the program exposes the MySQL or PostgreSQL password in the process list. This may allow a local attacker to gain access to password information.