Echor Ruby Gem credentials can be stolen via process table monitoring

🗓️ 14 May 2022 03:51:44Reported by GitHub Advisory DatabaseType

Echor Ruby Gem allows local users to steal login credential

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2014-1835	2 Feb 201821:00	–	cvelist
OSV	Echor Ruby Gem credentials can be stolen via process table monitoring	14 May 202203:44	–	osv
Prion	Denial of service	2 Feb 201821:29	–	prion
NVD	CVE-2014-1835	2 Feb 201821:29	–	nvd
CVE	CVE-2014-1835	2 Feb 201821:29	–	cve
RubySec	echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure	13 Jan 201420:00	–	rubygems

Vulners

Node

echor_project echorRange≤0.1.6

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2014-1835
openwall	www.openwall.com/lists/oss-security/2014/01/31/10
github	www.github.com/rubysec/ruby-advisory-db/blob/master/gems/echor/CVE-2014-1835.yml
github	www.github.com/advisories/GHSA-j4gx-p3x5-m987

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2022 03:44Current

6.6Medium risk

Vulners AI Score6.6

CVSS22.1

CVSS37.8

EPSS0.00042