RubySec

Providing security resources for the Ruby community

OSVDB-112683 (as): as Gem for Ruby Process List Local Plaintext Credentials Disclosure

ADVISORIES

  • OSVDB-112683

GEM

as

PATCHED VERSIONS

None.

DESCRIPTION

as Gem for Ruby contains a flaw that is due to the program displaying credential information in plaintext in the process list. This may allow a local attacker to gain access to credential information.

Contact us @rubysec or open an issue on our GitHub repository.

Recent Advisories