EUVD-2018-0182

Malware in sbrugna...

Cap-Strap gem for Ruby places credentials on the useradd command line

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process...

GHSA-PCM6-G2QP-9GW8 Cap-Strap gem for Ruby places credentials on the useradd command line

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process...

Command injection

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process...

CVE-2014-4992

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process...

CVE-2014-4992

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process...

CVE-2014-4992

The CVE-2014-4992 issue affects the Cap-Strap gem for Ruby (version 0.1.5). The underlying flaw is that lib/cap-strap/helpers.rb places credentials on the useradd command line, making them observable in the process list by local users. This yields a local plaintext credential disclosure vulnerabi...

cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure

cap-strap Gem for Ruby contains a flaw that is due to the application exposing credential information in plaintext in the process table listing. This may allow a local attacker to gain access to credential information...