CVE-2014-5004: Plaintext Password Disclosure

January 10, 2018 (updated January 30, 2018)

The program exposes password information in plaintext in the process list. This may allow a local attacker to gain access to password information.

References

github.com/rubysec/ruby-advisory-db/blob/master/gems/brbackup/OSVDB-108901.yml

Code Behaviors & Features

Detect and mitigate CVE-2014-5004 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →