CVE-2014-4995

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:vladtheenterprising_project:vladtheenterprising:0.2.0:*:*:*:*:ruby:*:*

History

No history.

Information

Published : 2018-01-10 18:29

Updated : 2024-02-04 19:29


NVD link : CVE-2014-4995

Mitre link : CVE-2014-4995

CVE.ORG link : CVE-2014-4995


JSON object : View

Products Affected

vladtheenterprising_project

  • vladtheenterprising
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')