Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-2P82-V77V-MPPR
HistorySep 11, 2019 - 11:05 p.m.

Airbrake keys not being filtered

2019-09-1123:05:57
Google
osv.dev
5

EPSS

0.002

Percentile

55.9%

JSON

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 and earlier are unaffected).

Related

cve 1
veracode 1
rubygems 1
osv 1
nvd 1
prion 1
github 1
cvelist 1
cve
cve
CVE-2019-16060
2019-09-06 19:15:11
veracode
veracode
Information Disclosure
2019-09-06 03:22:40
rubygems
rubygems
Blacklist keys are no longer being filtered in airbrake-ruby
2019-04-09 21:00:00
osv
osv
CVE-2019-16060
2019-09-06 19:15:11
nvd
nvd
CVE-2019-16060
2019-09-06 19:15:11
prion
prion
Default configuration
2019-09-06 19:15:00
github
github
Airbrake keys not being filtered
2019-09-11 23:05:57
cvelist
cvelist
CVE-2019-16060
2019-09-06 18:15:15

EPSS

0.002

Percentile

55.9%

JSON
Related for OSV:GHSA-2P82-V77V-MPPR
cve1veracode1rubygems1osv1nvd1prion1github1cvelist1