GHSA-mc8m-x6hf-cw2g

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mc8m-x6hf-cw2g/GHSA-mc8m-x6hf-cw2g.json
Aliases
  • CVE-2014-4997
Published
2022-05-14T03:47:44Z
Modified
2023-04-11T01:21:20.993475Z
Details

lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

References

Affected packages

RubyGems / point-cli

point-cli

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Last affected
0.0.1

Affected versions

0.*

0.0.1