CVE-2015-3448

CVE-2015-3448

EPSS 0.4%

REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html https://github.com/rest-client/rest-client/issues/349 http://www.osvdb.org/117461 http://www.securityfocus.com/bid/74415