CVE-2014-1835: Credential information exposure

February 2, 2018 (updated February 14, 2018)

The echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information.

References

osvdb.org/show/osvdb/102130

Detect and mitigate CVE-2014-1835 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →