GHSA-86cf-g34f-7462

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-86cf-g34f-7462/GHSA-86cf-g34f-7462.json
Aliases
  • CVE-2014-4995
Published
2022-05-14T03:48:04Z
Modified
2023-04-11T01:37:56.023475Z
Details

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.

References

Affected packages

RubyGems / VladTheEnterprising

VladTheEnterprising

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Last affected
0.2

Affected versions

0.*

0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.2