GHSA-959J-5G9V-3FPQ Paratrooper-newrelic Exposes of Sensitive Information to an Unauthorized Actor

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process...

Local API Login Credentials Disclosure in paratrooper-pingdom

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process. Vulnerable Code: From: paratrooper-pingdom-1.0.0/lib/paratrooper-pingdom.rb ruby def setupoptions = %xcurl https://api.pingdom.com/api/2.0/checks -X PUT ...

Paratrooper-newrelic Exposes of Sensitive Information to an Unauthorized Actor

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process...

CVE-2014-1234

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process...

CVE-2014-1233

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process...

Default credentials

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process...

Design/Logic Flaw

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process...

CVE-2014-1233

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process...

CVE-2014-1234

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process...

CVE-2014-1234

CVE-2014-1234 affects the paratrooper-newrelic gem (Ruby) v1.0.1. A local attacker can obtain the X-Api-Key by listing the curl process, due to leakage in the process tree. Impact is local exposure of the API key. Public patches or mitigations are not detailed in the provided documents; refer to ...