Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 3:47 a.m.26 views

kajam allows local users to obtain sensitive information by listing the process

vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the 1 mysqldump command line in the capture function and 2 mysql command line in the restore function, which allows local users to obtain sensitive information by listing the...

7.8CVSS7AI score0.00522EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2018/01/10 6:29 p.m.12 views

Command injection

test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

2.1CVSS6.6AI score0.00522EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2018/01/10 6:29 p.m.23 views

CVE-2014-4999

vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the 1 mysqldump command line in the capture function and 2 mysql command line in the restore function, which allows local users to obtain sensitive information by listing the...

7.8CVSS7.5AI score0.00522EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/01/10 6:0 p.m.17 views

CVE-2014-4998

test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

7.5AI score0.00522EPSS
Exploits1References3
Rows per page
Query Builder