RubyGems package
echor
pkg:gem/echor
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-1835 | — | <= 0.1.6 | — | Feb 2, 2018 | The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table. | ||
| CVE-2014-1834 | — | <= 0.1.6 | — | Feb 2, 2018 | The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password. |
- CVE-2014-1835Feb 2, 2018affected <= 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table.
- CVE-2014-1834Feb 2, 2018affected <= 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.