← Back

Vladtheenterprising Project

vladtheenterprising_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Vladtheenterprising
vladtheenterprising
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-4996
1Vladtheenterprising Project
1Vladtheenterprising
Nov 21, 2024
Jan 10, 2018
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.
CVE-2014-4995
1Vladtheenterprising Project
1Vladtheenterprising
Nov 21, 2024
Jan 10, 2018
N/A· v4
7.0 HIGH· v3
1.9 LOW· v2
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.