RSS   Podatności dla 'Lawn-login'   RSS

2018-01-10
 
CVE-2014-5000

CWE-200
 

 
The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

 


Copyright 2021, cxsecurity.com

 

Back to Top