7 matches found
EUVD-2022-5545
Malicious code in bioql PyPI...
GHSA-W9VV-FVW8-J6Q3 codders-dataset Process Table Local Plaintext Credential Disclosure
lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby both place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
codders-dataset Process Table Local Plaintext Credential Disclosure
lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby both place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-4991
1 lib/dataset/database/mysql.rb and 2 lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-4991
1 lib/dataset/database/mysql.rb and 2 lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
CVE-2014-4991
CVE-2014-4991 affects the Ruby gem codders-dataset (version 1.3.2.1). The vulnerability is in two files, lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb, where credentials are placed on the mysqldump command line. This allows a local user to obtain sensitive information by li...
codders-dataset Gem for Ruby lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb Process Table Local Plaintext Credential Disclosure
"1 lib/dataset/database/mysql.rb and 2 lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process."...