CVE-2014-1234

CVE-2014-1234

EPSS 0.5%

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://openwall.com/lists/oss-security/2014/01/08/2 http://www.vapid.dhs.org/advisories/paratrooper-newrelic-api.html