CVE-2019-16060

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklistkeys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 also, 4.2.2 and earlier are unaffected...

EUVD-2019-0647

Malware in sbrugna...

Airbrake Ruby for Airbrake Information Disclosure Vulnerability

Airbrake is a suite of application exception monitoring software.Airbrake Ruby is a library that sends Ruby application exceptions to the Airbrake dashboard. An information disclosure vulnerability exists in Airbrake Ruby for Airbrake version 4.2.3, which can be exploited by an unauthorized...

Default configuration

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklistkeys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 also, 4.2.2 and earlier are unaffected...

Information Disclosure

airbrake-ruby is vulnerable to information disclosure. A misconfiguration where the NoticeNotifier is initialized without blacklist/whitelist keys being specified in Config, causes a filter on the password to stop taking effect and exposing the password in plaintext...