CVE-2015-2179: MySQL credential exposure

February 17, 2015

The execute function in the xaviershay-dm-rail package exposes user credentials to the process table in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb

References

osvdb.org/show/osvdb/118579
seclists.org/fulldisclosure/2015/Feb/86

Detect and mitigate CVE-2015-2179 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →