MidnightBSD

Advisories for lawn-login_project

CVE-2014-5000 LOW

The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
lawn-login_project lawn-login 0.0.7