1 results (0.001 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2014-4997
https://notcve.org/view.php?id=CVE-2014-4997
lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process. lib/commands/setup.rb en la gema point-cli 0.0.1 para Ruby coloca credenciales en la línea de comandos de curl. Esto permite que usuarios locales obtengan información sensible listando el proceso. • http://www.openwall.com/lists/oss-security/2014/07/07/16 http://www.openwall.com/lists/oss-security/2014/07/17/5 http://www.securityfocus.com/bid/68735 http://www.vapid.dhs.org/advisories/point-cli-0.0.1.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •