EUVD-2018-0236

Malware in sbrugna...

Kcapifony gem for Ruby places database user passwords on the command line

lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the 1 mysqldump, 2 pgdump, 3 mysql, and 4 psql command lines, which allows local users to obtain sensitive information by listing the processes...

GHSA-6FCQ-3CM2-J3J5 Kcapifony gem for Ruby places database user passwords on the command line

lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the 1 mysqldump, 2 pgdump, 3 mysql, and 4 psql command lines, which allows local users to obtain sensitive information by listing the processes...

CVE-2014-5001

CVE-2014-5001 affects the Ruby gem kcapifony (version 2.1.6) via the file lib/ksymfony1.rb . The underlying issue is that the program places database user passwords on the command line for the tools mysqldump , pg_dump , mysql , and psql , which allows local users to obtain sensitive information ...

CVE-2014-5001

lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the 1 mysqldump, 2 pgdump, 3 mysql, and 4 psql command lines, which allows local users to obtain sensitive information by listing the processes...