8 matches found
EUVD-2017-0213
Malware in sbrugna...
GHSA-44VC-FPCG-5CC5 Moderate severity vulnerability that affects safemode
Withdrawn, accidental duplicate publish. The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...
CVE-2016-3693
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...
Information disclosure
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...
CVE-2016-3693
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...
PT-2016-5662 · Ruby · Safemode
Name of the Vulnerable Software and Affected Versions: Safemode gem versions prior to 1.2.4
Description: The issue allows context-dependent attackers to obtain sensitive information via the inspect method when the Safemode gem is initialized with a delegate object that is a Rails controller...
Safemode Gem for Ruby is vulnerable to information disclosure
Safemode is initialised with an optional 'delegate' object. If the delegated object is a Rails controller, 'inspect' could be called, which then exposes all information about the app, including routes, secret tokens, caches and so on...
Foreman Safemode Rails Controller Information Disclosure Vulnerability
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman version 1.x that stems from an error in the Safemode gem...