10 matches found
SUSE CVE-2016-4442
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
Rack-Mini-Profiler Information Disclosure
Rack-Mini-Profiler is a middleware that displays a speed badge for each HTML page. It is designed to work in both production and development, but when the 'enable_advanced_debugging_tools' option is selected it is possible to access sensitive information such as environment variables and other secrets stor...
Discourse < 2.4.0.beta5 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities.
GHSA-995J-587R-259W Moderate severity vulnerability that affects rack-mini-profiler
Withdrawn, accidental duplicate publish. The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
GHSA-J5HJ-FHC9-G24M rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings and objects
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
CVE-2016-4442
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
CVE-2016-4442
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
CVE-2016-4442
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks...
CVE-2016-4442
The CVE concerns the rack-mini-profiler gem for Ruby, specifically versions before 0.10.1. The underlying issue is an incorrect ordering of security checks that can allow remote attackers to obtain sensitive information about allocated strings and objects. This is confirmed in multiple connected ...
Ruby gem rack-mini-profiler Sensitive Information Access Vulnerability
Ruby gem rack-mini-profiler is an integrated client, database and server analysis toolkit for Ruby application development. A sensitive information acquisition vulnerability exists in Ruby gem rack-mini-profiler, which allows remote attackers to obtain sensitive strings and object information by...